URL: https://rightsleeping.com/ad/derila-us-ad-2/
Submission: On December 14 via api from AU — Scanned from AU

Summary

This website contacted 18 IPs in 4 countries across 12 domains to perform 61 HTTP transactions. The main IP is 34.174.103.16, located in Dallas, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is rightsleeping.com.
TLS certificate: Issued by R11 on November 22nd 2024. Valid for: 3 months.
This is the only time rightsleeping.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 34.174.103.16 396982 (GOOGLE-CL...)
1 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
8 172.217.167.67 15169 (GOOGLE)
1 108.158.32.86 16509 (AMAZON-02)
2 108.158.20.53 16509 (AMAZON-02)
2 157.240.8.23 32934 (FACEBOOK)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.67.110.93 16509 (AMAZON-02)
1 2600:9000:277... 16509 (AMAZON-02)
1 3 52.8.103.62 16509 (AMAZON-02)
2 157.240.8.35 32934 (FACEBOOK)
1 54.155.186.43 16509 (AMAZON-02)
5 2600:9000:277... 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
2 23.40.52.18 20940 (AKAMAI-AS...)
1 13.250.84.149 16509 (AMAZON-02)
61 18
Apex Domain
Subdomains
Transfer
28 rightsleeping.com
rightsleeping.com
313 KB
13 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5010
buttons-config.sharethis.com — Cisco Umbrella Rank: 5845
l.sharethis.com — Cisco Umbrella Rank: 5470
platform-cdn.sharethis.com — Cisco Umbrella Rank: 10787
t.sharethis.com — Cisco Umbrella Rank: 7050
sync.sharethis.com — Cisco Umbrella Rank: 4116
69 KB
8 gstatic.com
fonts.gstatic.com
79 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
215 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
75 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
61 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
179 KB
1 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026
694 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 5577
171 B
1 clkmc.com
cdn.clkmc.com — Cisco Umbrella Rank: 148674
21 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
61 12
Domain Requested by
28 rightsleeping.com 1 redirects rightsleeping.com
8 fonts.gstatic.com fonts.googleapis.com
5 platform-cdn.sharethis.com rightsleeping.com
2 t.sharethis.com platform-api.sharethis.com
t.sharethis.com
2 www.facebook.com rightsleeping.com
2 l.sharethis.com 1 redirects
2 connect.facebook.net rightsleeping.com
connect.facebook.net
2 platform-api.sharethis.com www.googletagmanager.com
platform-api.sharethis.com
2 www.googletagmanager.com rightsleeping.com
www.googletagmanager.com
1 sync.sharethis.com
1 bcp.crwdcntrl.net platform-api.sharethis.com
1 www.google-analytics.com www.googletagmanager.com
1 content.hotjar.io script.hotjar.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 script.hotjar.com static.hotjar.com
1 cdn.clkmc.com www.googletagmanager.com
1 static.hotjar.com rightsleeping.com
1 fonts.googleapis.com rightsleeping.com
61 18

This site contains links to these domains. Also see Links.

Domain
topdeal.today
Subject Issuer Validity Valid
*.rightsleeping.com
R11
2024-11-22 -
2025-02-20
3 months crt.sh
upload.video.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.google-analytics.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.gstatic.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03
2024-05-22 -
2025-06-20
a year crt.sh
sharethis.com
Amazon RSA 2048 M03
2024-04-19 -
2025-05-17
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-23 -
2024-12-22
3 months crt.sh
clkmc.com
WE1
2024-10-30 -
2025-01-28
3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02
2024-01-31 -
2025-03-01
a year crt.sh
cert1-prod.aut.a24365.net
R11
2024-11-04 -
2025-02-02
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M03
2024-09-08 -
2025-10-08
a year crt.sh

This page contains 2 frames:

Primary Page: https://rightsleeping.com/ad/derila-us-ad-2/
Frame ID: 73B52B44CDA377CA2D3301BACEA7E603
Requests: 59 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1620.23405&cid=c010&cls=B
Frame ID: FA86EB8D7BF65B384842400C93A92663
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

“I Wake Up Refreshed With No More Tension Headaches” - Here’s How Over 50s Can Experience The Same

Page URL History Show full URLs

  1. https://rightsleeping.com/ad/derila-us-ad-2 HTTP 301
    https://rightsleeping.com/ad/derila-us-ad-2/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

61
Requests

97 %
HTTPS

35 %
IPv6

12
Domains

18
Subdomains

18
IPs

4
Countries

798 kB
Transfer

2308 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rightsleeping.com/ad/derila-us-ad-2 HTTP 301
    https://rightsleeping.com/ad/derila-us-ad-2/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://l.sharethis.com/pview?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-2%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-2%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%E2%80%9CI%20Wake%20Up%20Refreshed%20With%20No%20More%20Tension%20Headaches%E2%80%9D%20-%20Here%E2%80%99s%20How%20Over%2050s%20Can%20Experience%20The%20Same&cms=unknown&publisher=62ef670c899767001cf551f5&sop=true&version=st_sop.js&lang=en&description=In%20older%20adults%2C%20ongoing%20sleep%20disorders%20can%20lead%20to%20much%20bigger%20problems%20such%20as%20irritability%2C%20low%20energy%2C%20and%20an%20increased%20risk%20of%20falling.&ua=&ua_mobile=false&ua_full_version_list=&uuid=3171e1a7-5ed5-4c86-9935-6dafb14559d8 HTTP 301
  • https://l.sharethis.com/sc?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-2%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-2%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%E2%80%9CI%20Wake%20Up%20Refreshed%20With%20No%20More%20Tension%20Headaches%E2%80%9D%20-%20Here%E2%80%99s%20How%20Over%2050s%20Can%20Experience%20The%20Same&cms=unknown&publisher=62ef670c899767001cf551f5&sop=true&version=st_sop.js&lang=en&description=In%20older%20adults%2C%20ongoing%20sleep%20disorders%20can%20lead%20to%20much%20bigger%20problems%20such%20as%20irritability%2C%20low%20energy%2C%20and%20an%20increased%20risk%20of%20falling.&ua=&ua_mobile=false&ua_full_version_list=&uuid=3171e1a7-5ed5-4c86-9935-6dafb14559d8&samesite=None

61 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rightsleeping.com/ad/derila-us-ad-2/
Redirect Chain
  • https://rightsleeping.com/ad/derila-us-ad-2
  • https://rightsleeping.com/ad/derila-us-ad-2/
69 KB
16 KB
Document
General
Full URL
https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
72f2efcfa06ceb1cc153d0c2ce82dcdb5fc44c63d10b218b62e43b874d1b4cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 14 Dec 2024 03:44:24 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
link
<https://rightsleeping.com/wp-json/>; rel="https://api.w.org/" <https://rightsleeping.com/wp-json/wp/v2/ad/1447>; rel="alternate"; title="JSON"; type="application/json" <https://rightsleeping.com/?p=1447>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache-enabled
True
x-content-type-options
nosniff
x-httpd-modphp
1
x-proxy-cache
HIT
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 14 Dec 2024 03:44:24 GMT
host-header
6b7412fb82ca5edfd0917e3957f05d89
location
https://rightsleeping.com/ad/derila-us-ad-2/
server
nginx
x-cache-enabled
True
x-content-type-options
nosniff
x-httpd-modphp
1
x-proxy-cache
MISS
x-proxy-cache-info
0301 NC:000000 UP:
x-redirect-by
WordPress
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
slick.css
rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/
2 KB
721 B
Stylesheet
General
Full URL
https://rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/slick.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"65c4b2e2-6f0"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 08 Feb 2024 10:54:26 GMT
server
nginx
vary
Accept-Encoding
slick-theme.css
rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/
3 KB
996 B
Stylesheet
General
Full URL
https://rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/slick-theme.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
74b4f31ecd217da76fdfa10505d202491536753483ff8bd5b9b0137fe75761f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"65c4b2e2-c49"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 08 Feb 2024 10:54:26 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/block-library/
112 KB
14 KB
Stylesheet
General
Full URL
https://rightsleeping.com/wp-includes/css/dist/block-library/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-1c012"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/components/
86 KB
12 KB
Stylesheet
General
Full URL
https://rightsleeping.com/wp-includes/css/dist/components/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
223b2a4c85a7e508c8c95f846e9d7a1eb7d3833d561f5b4e0d998c674d3efb39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-158b7"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/preferences/
1 KB
719 B
Stylesheet
General
Full URL
https://rightsleeping.com/wp-includes/css/dist/preferences/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3170050ba182339c71a5efb9c1d7fc59a2f49251f211031bf7a17502bc4a346d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-5bb"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/block-editor/
115 KB
15 KB
Stylesheet
General
Full URL
https://rightsleeping.com/wp-includes/css/dist/block-editor/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
381dec9786c31e06ff85ae00a7aa3af357278785ba1318bf4bbfb6a8d7bc3ffb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-1ca2a"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/reusable-blocks/
542 B
461 B
Stylesheet
General
Full URL
https://rightsleeping.com/wp-includes/css/dist/reusable-blocks/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
23c023792005dbbf706b9c93b04e0ac92f8801e551c49c2b892ab0d99b864648

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66a1a165-21e"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 25 Jul 2024 00:50:45 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/patterns/
2 KB
840 B
Stylesheet
General
Full URL
https://rightsleeping.com/wp-includes/css/dist/patterns/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
17f5cb0091d3b54e3e9aee77fc8c7eb582da9fdc7a931c40ebe2720f40872ef0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66a1a165-6ed"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 25 Jul 2024 00:50:45 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/editor/
58 KB
9 KB
Stylesheet
General
Full URL
https://rightsleeping.com/wp-includes/css/dist/editor/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9bec6d410810065a33b1bdc33845882b477f9b1441452fe56e840b846f462641

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-e7a3"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
blocks.style.build.css
rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/
1 KB
486 B
Stylesheet
General
Full URL
https://rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/blocks.style.build.css
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1d2601471b719ecfc4be8272cbda074e5ff15c43f8f98c5a1eef506d42800b24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"65c4b2e2-411"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 08 Feb 2024 10:54:26 GMT
server
nginx
vary
Accept-Encoding
widget-areas.min.css
rightsleeping.com/wp-content/themes/generatepress/assets/css/components/
3 KB
859 B
Stylesheet
General
Full URL
https://rightsleeping.com/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.5.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f67e99114807ecac9bba6fbb9f81eea467c50c9f03b59974fe696bdfab6ba227

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66d96c0f-d1c"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 05 Sep 2024 08:30:07 GMT
server
nginx
vary
Accept-Encoding
main.min.css
rightsleeping.com/wp-content/themes/generatepress/assets/css/
19 KB
4 KB
Stylesheet
General
Full URL
https://rightsleeping.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.5.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c839222ec3a5037179749a843610820436bf575a591a3e0b45404f1970a2cc56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66d96c0f-4c38"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 05 Sep 2024 08:30:07 GMT
server
nginx
vary
Accept-Encoding
style.css
rightsleeping.com/wp-content/themes/generatepress_child/
255 B
379 B
Stylesheet
General
Full URL
https://rightsleeping.com/wp-content/themes/generatepress_child/style.css?ver=1659802030
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f22691711c373a3444980cc32ab028fa86dad687c1b386e14847a47ce8b88e73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"62ee91ae-ff"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Sat, 06 Aug 2022 16:07:10 GMT
server
nginx
vary
Accept-Encoding
css
fonts.googleapis.com/
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Serif+Display%3Aregular%2Citalic&display=auto&ver=3.5.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80f::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
de12babcd45b46ad40f4073c83eba31f31efd8eae4b7299631ffb1dc49f780d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 14 Dec 2024 03:44:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 03:44:25 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 14 Dec 2024 03:44:25 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
jquery.min.js
rightsleeping.com/wp-includes/js/jquery/
86 KB
29 KB
Script
General
Full URL
https://rightsleeping.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"654c1944-15601"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Wed, 08 Nov 2023 23:27:00 GMT
server
nginx
vary
Accept-Encoding
jquery-migrate.min.js
rightsleeping.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://rightsleeping.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"64d557c0-3509"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 10 Aug 2023 21:33:52 GMT
server
nginx
vary
Accept-Encoding
slick.js
rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/
87 KB
14 KB
Script
General
Full URL
https://rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/slick.js?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"65c4b2e2-15b7b"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 08 Feb 2024 10:54:26 GMT
server
nginx
vary
Accept-Encoding
logo-1.png
rightsleeping.com/wp-content/uploads/2022/08/
10 KB
10 KB
Image
General
Full URL
https://rightsleeping.com/wp-content/uploads/2022/08/logo-1.png
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
babfb4526a362fd0dd824dfad485addd3b753aced799ddabf6478b78e4e04f25

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

cache-control
max-age=31536000
etag
"62eecfa7-266b"
expires
Sun, 14 Dec 2025 03:44:25 GMT
accept-ranges
bytes
content-length
9835
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/png
last-modified
Sat, 06 Aug 2022 20:31:35 GMT
server
nginx
x-proxy-cache-info
DT:1
Derila-244.jpeg
rightsleeping.com/wp-content/uploads/2023/10/
52 KB
52 KB
Image
General
Full URL
https://rightsleeping.com/wp-content/uploads/2023/10/Derila-244.jpeg
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9f5f9511cc099f65a848e8002427087db937472d1717a28a0790a066abcd4843

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

cache-control
max-age=31536000
etag
"6534d0c5-cf1e"
expires
Sun, 14 Dec 2025 03:44:25 GMT
accept-ranges
bytes
content-length
53022
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/jpeg
last-modified
Sun, 22 Oct 2023 07:35:33 GMT
server
nginx
x-proxy-cache-info
DT:1
Derila-245-1024x535.jpeg
rightsleeping.com/wp-content/uploads/2023/10/
45 KB
45 KB
Image
General
Full URL
https://rightsleeping.com/wp-content/uploads/2023/10/Derila-245-1024x535.jpeg
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
28d9901ac9ec91563f6f31cc6b85e856df2c67c0606ef6b01fcae34897494947

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

cache-control
max-age=31536000
etag
"6534d0ef-b34a"
expires
Sun, 14 Dec 2025 03:44:25 GMT
accept-ranges
bytes
content-length
45898
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/jpeg
last-modified
Sun, 22 Oct 2023 07:36:15 GMT
server
nginx
x-proxy-cache-info
DT:1
Derila-246-1024x536.jpeg
rightsleeping.com/wp-content/uploads/2023/10/
69 KB
69 KB
Image
General
Full URL
https://rightsleeping.com/wp-content/uploads/2023/10/Derila-246-1024x536.jpeg
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f07fbb6528c41089c608cd0ea3572c3d8518ccef51dbde82eef2493d07047db6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

cache-control
max-age=31536000
etag
"6534d121-1120b"
expires
Sun, 14 Dec 2025 03:44:25 GMT
accept-ranges
bytes
content-length
70155
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/jpeg
last-modified
Sun, 22 Oct 2023 07:37:05 GMT
server
nginx
x-proxy-cache-info
DT:1
smooth-scroll.min.js
rightsleeping.com/wp-content/plugins/gp-premium/general/js/
7 KB
3 KB
Script
General
Full URL
https://rightsleeping.com/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.5.0
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ce43697d26defc72fa5aa7e3d7f1296cd19ba9a67cad0e2557aacc7702454f4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66d3245c-1ae3"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Sat, 31 Aug 2024 14:10:36 GMT
server
nginx
vary
Accept-Encoding
ta.js
rightsleeping.com/wp-content/plugins/thirstyaffiliates/js/app/
11 KB
3 KB
Script
General
Full URL
https://rightsleeping.com/wp-content/plugins/thirstyaffiliates/js/app/ta.js?ver=3.11.2
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
17ea19bb52caa07f6588951442f789aa9aeb2b0f089ac3611c9bda36983e5f9c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"667a3735-2bc0"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Tue, 25 Jun 2024 03:19:17 GMT
server
nginx
vary
Accept-Encoding
menu.min.js
rightsleeping.com/wp-content/themes/generatepress/assets/js/
7 KB
2 KB
Script
General
Full URL
https://rightsleeping.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.5.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66d96c0f-1ca5"
expires
Sun, 14 Dec 2025 03:44:25 GMT
date
Sat, 14 Dec 2024 03:44:25 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 05 Sep 2024 08:30:07 GMT
server
nginx
vary
Accept-Encoding
2aedc277-7b21-456a-8c05-771e516edc8b
https://rightsleeping.com/ Frame
0
0

gtm.js
www.googletagmanager.com/
216 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M3NWB2W
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80b::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7eb9ad84accfb3b351afe5d85ab06d1392c1ad39fb900a97e192d0c4048a14d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 14 Dec 2024 03:44:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 03:44:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 14 Dec 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
77987
x-xss-protection
0
server
Google Tag Manager
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Serif+Display%3Aregular%2Citalic&display=auto&ver=3.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
275225
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 23:17:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 23:17:21 GMT
last-modified
Wed, 04 Dec 2024 06:53:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2
fonts.gstatic.com/s/dmserifdisplay/v15/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dmserifdisplay/v15/-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Serif+Display%3Aregular%2Citalic&display=auto&ver=3.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
8b0ceabdff07806ce949c228d047d0824bca1bec4c3c3f83ac2cd077a24e55e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
296704
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 17:19:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 17:19:22 GMT
last-modified
Thu, 24 Aug 2023 17:45:35 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24768
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Serif+Display%3Aregular%2Citalic&display=auto&ver=3.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
269865
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 00:46:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 00:46:41 GMT
last-modified
Wed, 04 Dec 2024 06:54:05 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Serif+Display%3Aregular%2Citalic&display=auto&ver=3.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
296736
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 17:18:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 17:18:50 GMT
last-modified
Wed, 04 Dec 2024 06:52:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7824
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Serif+Display%3Aregular%2Citalic&display=auto&ver=3.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
293763
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 18:08:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 18:08:23 GMT
last-modified
Wed, 04 Dec 2024 06:53:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Serif+Display%3Aregular%2Citalic&display=auto&ver=3.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
318197
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 11:21:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 11:21:09 GMT
last-modified
Wed, 04 Dec 2024 06:51:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8596
x-xss-protection
0
server
sffe
pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiGyp8kv8JHgFVrJJLucHtA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Serif+Display%3Aregular%2Citalic&display=auto&ver=3.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
240417
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 08:57:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 08:57:29 GMT
last-modified
Wed, 04 Dec 2024 06:54:04 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8668
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Serif+Display%3Aregular%2Citalic&display=auto&ver=3.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
297253
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 17:10:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 17:10:13 GMT
last-modified
Wed, 04 Dec 2024 06:53:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7632
x-xss-protection
0
server
sffe
wp-emoji-release.min.js
rightsleeping.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://rightsleeping.com/wp-includes/js/wp-emoji-release.min.js?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"660de70a-4926"
expires
Sun, 14 Dec 2025 03:44:26 GMT
date
Sat, 14 Dec 2024 03:44:26 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Wed, 03 Apr 2024 23:32:26 GMT
server
nginx
vary
Accept-Encoding
admin-ajax.php
rightsleeping.com/wp-admin/
3 KB
658 B
XHR
General
Full URL
https://rightsleeping.com/wp-admin/admin-ajax.php
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8d72aca332b452c5f3fdc9ba8d93ac66bc808ad0b177bd56386d2d855bd13658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://rightsleeping.com/ad/derila-us-ad-2/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-robots-tag
noindex
content-encoding
br
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
date
Sat, 14 Dec 2024 03:44:26 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
x-proxy-cache-info
DT:1
x-frame-options
SAMEORIGIN
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
https://rightsleeping.com
host-header
8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp
1
server
nginx
js
www.googletagmanager.com/gtag/
300 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BNQM7NW6HE&l=dataLayer&cx=c&gtm=45He4cc1v893062484za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3NWB2W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80b::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3c84e4bfb73bc3e421d40825438a95bfc8a4aafc5cf996eb22aac7f1ae020604
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 14 Dec 2024 03:44:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 03:44:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104551
x-xss-protection
0
server
Google Tag Manager
hotjar-3140239.js
static.hotjar.com/c/
13 KB
6 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3140239.js?sv=6
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-86.syd3.r.cloudfront.net
Software
/
Resource Hash
37272f6ee517a309c6b2dc92172b1c1f34612a542862c8ca762eab55bf6e0abc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
br
etag
W/a3ac5ee75b6c14dbe2d53aa97da9fd10
age
12
x-content-type-options
nosniff
x-cache-hit
1
x-cache
Hit from cloudfront
x-amz-cf-id
-7PHHEd08i8A4HtgyeCtQ3JQr3zVBPd9rNiH6_8LcmZca1SvG0nj5A==
date
Sat, 14 Dec 2024 03:44:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
via
1.1 dc5b7b7a6895b629c6cb8eef5910309e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
SYD3-P2
sharethis.js
platform-api.sharethis.com/js/
206 KB
46 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3NWB2W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-53.syd62.r.cloudfront.net
Software
/
Resource Hash
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=600, public
content-encoding
gzip
etag
W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
age
382
via
1.1 ed714340561a82eb64e0092ff1378696.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
HtQEjTvsJOULQqI9IHMQi7jgWkue5B5uHA9VBRh1ggIlyNYdR_jB8Q==
edge-control
cache-maxage=60m,downstream-ttl=60m
date
Sat, 14 Dec 2024 03:38:04 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
SYD62-P3
x-frame-options
SAMEORIGIN
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-Pm51Ceqb' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 03:44:26 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-Pm51Ceqb' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4527, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
Z39R6UljHUAhRYYauWJTxa8k0yIfRNCSa1pmpjj6CQOTFfsB/ae8nJoQNhEx7pUoB6Xjq0mU0VrIxWAY2Cxy5g==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62283
x-xss-protection
0
origin-agent-cluster
?1
cmc.js
cdn.clkmc.com/
21 KB
21 KB
Script
General
Full URL
https://cdn.clkmc.com/cmc.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3NWB2W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:9d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da274ce6310d42174fbf8369e8737ad5a2db661802d7aeb09ee13da863d7843

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

access-control-max-age
300
cf-cache-status
HIT
etag
"66e1cc81-527f"
age
1240150
x-permitted-cross-domain-policies
none
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 29 Dec 2024 19:15:15 GMT
date
Sat, 14 Dec 2024 03:44:26 GMT
content-type
application/javascript
last-modified
Wed, 11 Sep 2024 16:59:45 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control
public, max-age=2592000, no-transform
pragma
public
access-control-allow-credentials
true
cf-ray
8f1b3204fc0c7e3c-SYD
accept-ranges
bytes
content-length
21119
server
cloudflare
modules.675199526fcb21f102e5.js
script.hotjar.com/
222 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.675199526fcb21f102e5.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3140239.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-93.syd62.r.cloudfront.net
Software
/
Resource Hash
e61c3520c8110a709d981083ddc93cf042c2d2ba25a21903b5df270edb3a05c5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

x-robots-tag
none
content-encoding
br
etag
"787cb060b057c5d555662c23eb0e0d17"
age
308238
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
KRS6_P3P8q1jaHosxSjxPkRYoTT-uLvlIL6-dETEdPT9EzNGcGumDA==
date
Tue, 10 Dec 2024 14:07:08 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 10 Dec 2024 14:06:32 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 3468af8a053b0ff241626aed87444af8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56361
x-amz-cf-pop
SYD62-P2
1436609853526364
connect.facebook.net/signals/config/
69 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1436609853526364?v=2.9.179&r=stable&domain=rightsleeping.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
2aaf42f1717df06f860758d6013325f277e7c709168cea840619f4cabf53f113
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-6tSrtazF' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 03:44:26 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-6tSrtazF' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=77, mss=1232, tbw=70511, tp=65, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
YPJblU1bcXxmd5paNRJdiCl80VNvVUjVzbacPCmPLyfJWSRZ9HEa++mAVUBgL19uGdFswjrsHt/ubTde30u0zg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
14185
x-xss-protection
0
origin-agent-cluster
?1
62ef670c899767001cf551f5.js
buttons-config.sharethis.com/js/
591 B
1 KB
Script
General
Full URL
https://buttons-config.sharethis.com/js/62ef670c899767001cf551f5.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:7200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdd79fdff282882758d21f0bbaa4d554336150190cc50ad78947b889cee18215
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

etag
"003fac9805946cf8bd2244181e9c96ca"
age
11
x-cache
Hit from cloudfront
x-amz-cf-id
WiRtiWSJtd94-PMhtO_HjMmo2biR4bFpo2Gzz6ug8kMVFMX6ENRZnA==
date
Sat, 14 Dec 2024 03:44:15 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Sun, 07 Aug 2022 07:31:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=60
via
1.1 f5bc0d54a76b57b6f435f98d3e741ea4.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
591
x-amz-cf-pop
SYD3-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
sc
l.sharethis.com/
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-2%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-2%2F&source=sharethis.js&...
  • https://l.sharethis.com/sc?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-2%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-2%2F&source=sharethis.js&fcm...
176 B
699 B
XHR
General
Full URL
https://l.sharethis.com/sc?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-2%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-2%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%E2%80%9CI%20Wake%20Up%20Refreshed%20With%20No%20More%20Tension%20Headaches%E2%80%9D%20-%20Here%E2%80%99s%20How%20Over%2050s%20Can%20Experience%20The%20Same&cms=unknown&publisher=62ef670c899767001cf551f5&sop=true&version=st_sop.js&lang=en&description=In%20older%20adults%2C%20ongoing%20sleep%20disorders%20can%20lead%20to%20much%20bigger%20problems%20such%20as%20irritability%2C%20low%20energy%2C%20and%20an%20increased%20risk%20of%20falling.&ua=&ua_mobile=false&ua_full_version_list=&uuid=3171e1a7-5ed5-4c86-9935-6dafb14559d8&samesite=None
Protocol
HTTP/1.1
Server
52.8.103.62 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-103-62.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
04cca900d03d79ac562b4524e7ae071c63d61937d508bf049256844b0dbae04d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Access-Control-Max-Age
1728000
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
true
Stid
ZH0ABGdc/xsAAAAJErYTAw==
Access-Control-Allow-Origin
https://rightsleeping.com
Content-Length
176
Date
Sat, 14 Dec 2024 03:44:27 GMT
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Headers
*

Redirect headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Access-Control-Max-Age
1728000
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Location
/sc?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-2%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-2%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%E2%80%9CI%20Wake%20Up%20Refreshed%20With%20No%20More%20Tension%20Headaches%E2%80%9D%20-%20Here%E2%80%99s%20How%20Over%2050s%20Can%20Experience%20The%20Same&cms=unknown&publisher=62ef670c899767001cf551f5&sop=true&version=st_sop.js&lang=en&description=In%20older%20adults%2C%20ongoing%20sleep%20disorders%20can%20lead%20to%20much%20bigger%20problems%20such%20as%20irritability%2C%20low%20energy%2C%20and%20an%20increased%20risk%20of%20falling.&ua=&ua_mobile=false&ua_full_version_list=&uuid=3171e1a7-5ed5-4c86-9935-6dafb14559d8&samesite=None
Connection
keep-alive
Access-Control-Allow-Credentials
true
Stid
ZH0ABGdc/xsAAAAJErYTAw==
Access-Control-Allow-Origin
https://rightsleeping.com
Content-Length
876
Date
Sat, 14 Dec 2024 03:44:27 GMT
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
*
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?batch=1&events[0]=id%3D1436609853526364%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Frightsleeping.com%252Fad%252Fderila-us-ad-2%252F%26rl%3D%26if%3Dfalse%26ts%3D1734147866474%26sw%3D1600%26sh%3D1200%26v%3D2.9.179%26r%3Dstable%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1734147866472.249800767877161169%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1734147866421%26coo%3Dfalse%26exp%3Df1&rqm=GET
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=23, mss=1232, tbw=4543, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 14 Dec 2024 03:44:26 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
199 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1436609853526364&ev=PageView&dl=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-2%2F&rl=&if=false&ts=1734147866474&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734147866472.249800767877161169&ler=empty&cdl=API_unavailable&it=1734147866421&coo=false&exp=f1&rqm=FGET
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7448108371405903403"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 03:44:26 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
eOKp+iGOF54Tp67saY+T/nwCIag5OdPVCaOWdrkINvwIFBzXqP35LcbJ/L9zbVg7ia2T0CdPkL4RFkfMInnuLw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7448108371405903403", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=4911, tp=13, tpl=0, uplat=268, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
content.hotjar.io/
56 B
171 B
XHR
General
Full URL
https://content.hotjar.io/?site_id=3140239&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.675199526fcb21f102e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.155.186.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-186-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d5d879100f1ee06d7bf0e042d5c24f558f036552f9a7fc20d41131b23b307035

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8
Referer
https://rightsleeping.com/

Response headers

access-control-max-age
86400
access-control-allow-origin
*
content-length
56
date
Sat, 14 Dec 2024 03:44:27 GMT
content-type
application/json
facebook-white.svg
platform-cdn.sharethis.com/img/
357 B
779 B
Image
General
Full URL
https://platform-cdn.sharethis.com/img/facebook-white.svg
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:7600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f3a7818f88c8afbe9111ed9f13f12e37a2ad56f87b54dc0dd19b2c372d3f6c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=2592000
etag
"d2c2caf5b123988ddd17ceeb1c7d9d50"
age
2445087
via
1.1 d5a7b4f0ce5b27d5b6750a1a5f7fd024.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
357
x-amz-cf-id
dXbhomANB0HsGmmc9D3L-gM8c0-aeKV6iEtKJo2FgpxkejDZtPF-AQ==
date
Fri, 15 Nov 2024 20:33:00 GMT
content-type
image/svg+xml
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
twitter-white.svg
platform-cdn.sharethis.com/img/
641 B
1 KB
Image
General
Full URL
https://platform-cdn.sharethis.com/img/twitter-white.svg
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:7600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4842f835de39abaa449973e6beb13260b52d1bace5843d2246369fc3e4e8034d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
etag
"232c36e0e377e32fbb20a34ff902fe55"
age
131
via
1.1 d5a7b4f0ce5b27d5b6750a1a5f7fd024.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
641
x-amz-cf-id
wYDxZtowLF9BxzmCc4AGrunXZ3A9TbsrLQ3mLgQXuQfGWr3bsW88fQ==
date
Sat, 14 Dec 2024 03:42:19 GMT
content-type
image/svg+xml
last-modified
Fri, 15 Sep 2023 16:35:45 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
linkedin-white.svg
platform-cdn.sharethis.com/img/
1 KB
1 KB
Image
General
Full URL
https://platform-cdn.sharethis.com/img/linkedin-white.svg
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:7600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26d5fdad2d76a30af97b14e00420d5fbe3053f626ba38b21189aad56e9ffe023
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
cache-control
public, max-age=2592000
content-encoding
gzip
etag
W/"76101419ecb49d4883cdee76f8f3921a"
age
2187149
via
1.1 d5a7b4f0ce5b27d5b6750a1a5f7fd024.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
tKjg6Oo6PZtKdZ-WAyGJBg1-K0wTV1jlBI-gvsKq27-beyioy91hLg==
date
Mon, 18 Nov 2024 20:11:58 GMT
content-type
image/svg+xml
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
whatsapp-white.svg
platform-cdn.sharethis.com/img/
3 KB
1 KB
Image
General
Full URL
https://platform-cdn.sharethis.com/img/whatsapp-white.svg
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:7600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95fa571d69cb86f61bb40ddd196b9f73c1d3e9946ae758bbbb3f866607c22605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
cache-control
public, max-age=2592000
content-encoding
gzip
etag
W/"a2bc3effacbd66c837b37ccb0a16e417"
age
2445087
via
1.1 d5a7b4f0ce5b27d5b6750a1a5f7fd024.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
SwHHBrPZExMvHXdiCkj5ViQlCPEcxgYukZMl_m6uTNIjNwN-jYsmCA==
date
Thu, 28 Nov 2024 18:46:56 GMT
content-type
image/svg+xml
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
email-white.svg
platform-cdn.sharethis.com/img/
599 B
1 KB
Image
General
Full URL
https://platform-cdn.sharethis.com/img/email-white.svg
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:7600:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5110c1e29bb22f0c8ae1b7af3c994dd4f580d05d8773f5fb1f031b5ce1560c83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

etag
"69eb3e5fe732c6c9862f5ec42580e1a1"
age
11049
x-cache
Hit from cloudfront
x-amz-cf-id
Vm3jw97w6fRIne1a8U-RDPxpGnCCISb5igS7EcvUyjTyqrlzhpF8KA==
date
Sat, 14 Dec 2024 00:40:18 GMT
content-type
image/svg+xml
vary
accept-encoding
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=2592000
via
1.1 d5a7b4f0ce5b27d5b6750a1a5f7fd024.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
599
x-amz-cf-pop
SYD3-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BNQM7NW6HE&gtm=45je4cc1v893076787z8893062484za200zb893062484&_p=1734147865819&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=475747188.1734147867&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734147866&sct=1&seg=0&dl=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-2%2F&dt=%E2%80%9CI%20Wake%20Up%20Refreshed%20With%20No%20More%20Tension%20Headaches%E2%80%9D%20-%20Here%E2%80%99s%20How%20Over%2050s%20Can%20Experience%20The%20Same&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2995
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BNQM7NW6HE&l=dataLayer&cx=c&gtm=45He4cc1v893062484za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://rightsleeping.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 03:44:26 GMT
content-type
text/plain
server
Golfe2
logo-1-100x100.png
rightsleeping.com/wp-content/uploads/2022/08/
2 KB
2 KB
Other
General
Full URL
https://rightsleeping.com/wp-content/uploads/2022/08/logo-1-100x100.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ec4c5fbf75517b8da579b798c4826f83a6f31ddb68d50e4a0bbe528f9bb9ec14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-2/

Response headers

cache-control
max-age=31536000
etag
"65ceb8de-621"
expires
Sun, 14 Dec 2025 03:44:26 GMT
accept-ranges
bytes
content-length
1569
date
Sat, 14 Dec 2024 03:44:26 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/png
last-modified
Fri, 16 Feb 2024 01:22:38 GMT
server
nginx
x-proxy-cache-info
DT:1
t.dhj
t.sharethis.com/1/k/
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=B&dmn=rightsleeping.com&rnd=1734147867395
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.52.18 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-40-52-18.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
90c54015f604b0afda8c4dde55bf27f0c580e95bc6449021992247450649fae3
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
Cache-Control
private, max-age=3600
Content-Encoding
gzip
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Sat, 14 Dec 2024 04:44:27 GMT
Content-Length
1385
Date
Sat, 14 Dec 2024 03:44:27 GMT
Content-Type
text/javascript
panorama.js
platform-api.sharethis.com/
39 KB
12 KB
Script
General
Full URL
https://platform-api.sharethis.com/panorama.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-53.syd62.r.cloudfront.net
Software
/
Resource Hash
a782015ceceb595c8305a944456587c4f2c4b3f0ca82aac8e5c6d7b33138f392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=3600
content-encoding
gzip
etag
W/"9a71-1934f7555b0"
age
1807
via
1.1 ed714340561a82eb64e0092ff1378696.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
x-amz-cf-id
9lSATH7HCw0MQ9qeIJ0NE5xruB2SPs11uxT0vNlhm4RKp7aLwqWx9g==
date
Sat, 14 Dec 2024 03:14:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 21 Nov 2024 16:01:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
SYD62-P3
x-frame-options
SAMEORIGIN
map
bcp.crwdcntrl.net/6/
235 B
694 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/panorama.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.84.149 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-84-149.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b0087f151a43cddd4df987cea271bfbcab3d4061d3466ac51ca6d99c4420ad9c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://rightsleeping.com/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://rightsleeping.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
235
date
Sat, 14 Dec 2024 03:44:27 GMT
content-type
application/json;charset=utf-8
x-server
10.42.1.253
server
Jetty(9.4.38.v20210224)
t_.htm
t.sharethis.com/a/ Frame FA86
0
0
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1620.23405&cid=c010&cls=B
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=B&dmn=rightsleeping.com&rnd=1734147867395
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.52.18 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-40-52-18.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://rightsleeping.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1190
Content-Type
text/html
Date
Sat, 14 Dec 2024 03:44:27 GMT
Expires
Sat, 21 Dec 2024 03:44:27 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
panorama
sync.sharethis.com/
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/panorama?uid=7faac517a9bd76f6372b3ea6e2e6185ca02c6bbf97ecee2bd5106d466976d6e0&stid=ZH0ABGdc%2FxsAAAAJErYTAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.8.103.62 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-103-62.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

Stid
ZH0ABGdc/xsAAAAJErYTAw==
Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Content-Length
42
Date
Sat, 14 Dec 2024 03:44:28 GMT
Content-Type
image/gif
Connection
keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rightsleeping.com
URL
blob:https://rightsleeping.com/2aedc277-7b21-456a-8c05-771e516edc8b

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| _wpemojiSettings function| jQuery object| dataLayer object| gpSmoothScroll object| gpscroll function| SmoothScroll object| thirsty_global_vars object| thirstyFunctions object| generatepressMenu object| twemoji object| wp object| google_tag_manager object| google_tag_data function| hj object| _hjSettings function| fbq function| _fbq object| clickmagick_cmc object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| st object| __stdos__ boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields boolean| clickmagick_cmc_loaded_previously function| onYouTubeIframeAPIReady object| gaGlobal object| lotame_sync_16621 function| lotameIsCompatible function| sync16621_aa function| sync16621_c function| sync16621_f object| sync16621_h function| sync16621_ca function| sync16621_j function| sync16621_da object| sync16621_ object| sync16621_ga object| sync16621_v object| sync16621_oa object| sync16621_xa object| sync16621_ya function| sync16621_a function| sync16621_b function| sync16621_g function| sync16621_i function| sync16621_k function| sync16621_l function| sync16621_m function| sync16621_n function| sync16621_o function| sync16621_p function| sync16621_q function| sync16621_r function| sync16621_fa function| sync16621_ea function| sync16621_s function| sync16621_t function| sync16621_u function| sync16621_w function| sync16621_ha function| sync16621_ia function| sync16621_y function| sync16621_ja function| sync16621_z function| sync16621_A function| sync16621_x function| sync16621_B function| sync16621_ka function| sync16621_C function| sync16621_D function| sync16621_E function| sync16621_F function| sync16621_G function| sync16621_H function| sync16621_I function| sync16621_J function| sync16621_K function| sync16621_L function| sync16621_la function| sync16621_ma function| sync16621_na function| sync16621_M function| sync16621_N function| sync16621_pa function| sync16621_O function| sync16621_qa function| sync16621_ra function| sync16621_sa function| sync16621_P function| sync16621_ta function| sync16621_ua function| sync16621_va function| sync16621_wa function| sync16621_Q function| sync16621_R function| sync16621_za function| sync16621_S function| sync16621_T function| sync16621_U function| sync16621_V function| sync16621_Aa function| sync16621_W function| sync16621_X function| sync16621_Y function| sync16621_Z function| sync16621__ function| sync16621_0 function| sync16621_Ea function| sync16621_Ba function| sync16621_1 function| sync16621_Da function| sync16621_Ca function| sync16621_2 function| sync16621_3 function| sync16621_4 function| sync16621_5 function| sync16621_Ga function| sync16621_Ha function| sync16621_Ja function| sync16621_Fa function| sync16621_7 function| sync16621_Ia function| sync16621_La function| sync16621_Ka function| sync16621_8 function| sync16621_6 function| sync16621_9 function| sync16621_Ma function| sync16621_Na function| sync16621_Oa function| sync16621_Pa function| sync16621_$ function| sync16621_Qa function| sync16621_Ra function| sync16621_Sa function| sync16621_Ta

26 Cookies

Domain/Path Name / Value
.rightsleeping.com/ Name: _fbp
Value: fb.1.1734147866472.249800767877161169
.rightsleeping.com/ Name: _hjSessionUser_3140239
Value: eyJpZCI6ImQ1NTQ4NTdiLTM5YzUtNWY5Mi1iYWZiLTllMGQ5ZjA0YzA3MiIsImNyZWF0ZWQiOjE3MzQxNDc4NjY1ODIsImV4aXN0aW5nIjp0cnVlfQ==
.rightsleeping.com/ Name: _hjSession_3140239
Value: eyJpZCI6ImQ4ODRiMTA4LWM4ZGItNDQxOS05YjZhLWI4YWE5YzVmODczOCIsImMiOjE3MzQxNDc4NjY1OTAsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.rightsleeping.com/ Name: _ga_BNQM7NW6HE
Value: GS1.1.1734147866.1.0.1734147866.0.0.0
.rightsleeping.com/ Name: _ga
Value: GA1.1.475747188.1734147867
.sharethis.com/ Name: __stid
Value: ZH0ABGdc/xsAAAAJErYTAw==
.sharethis.com/ Name: __stidv
Value: 2
.rightsleeping.com/ Name: fpestid
Value: Tbl7CcvhcWUawIKsjcclLmFyIEn3o3Zxu_UMzLeJqUs3eWkqFwrS9gPM3NKsuE5WZ826eQ
.t.sharethis.com/ Name: pxcelPage_default_c010_B
Value: 0_6_1734147867694
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 2da9628a667381b52f97e32c3864a934
.rightsleeping.com/ Name: _cc_id
Value: 2da9628a667381b52f97e32c3864a934
.rightsleeping.com/ Name: panoramaId_expiry
Value: 1734752667772
.rightsleeping.com/ Name: panoramaId
Value: 7faac517a9bd76f6372b3ea6e2e6185ca02c6bbf97ecee2bd5106d466976d6e0
.rightsleeping.com/ Name: panoramaIdType
Value: panoDevice
.adsrvr.org/ Name: TDID
Value: 6d732425-15bc-441b-9980-b45936404aa7
.eyeota.net/ Name: mako_uid
Value: 193c3448503-27360000010d5868
.eyeota.net/ Name: SERVERID
Value: 22632~DM
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjA4r71iv_NPRAFOAE.
.ml314.com/ Name: pi
Value: 3649106614207119398
.yahoo.com/ Name: A3
Value: d=AQABBBv_XGcCEKdTcP02rWz3_qmKIA8Gzi8FEgEBAQFQXmdmZw0CxyMA_eMAAA&S=AQAAAuICOOvONi-D4Avr3HzKUEU
.analytics.yahoo.com/ Name: IDSYNC
Value: 19b8~2mdf
.rlcdn.com/ Name: rlas3
Value: 7dnrminWx3qpjbx98zSY7vZUNzQCK+95/3v+OITNh5s=
.exelator.com/ Name: EE
Value: "ff0a3fff9cf95420d6de9c97dfd77051"
.rlcdn.com/ Name: pxrc
Value: CJz+87oGEgUI6AcQABIFCNtOEAA=
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSEtzSDROC0tzTI5zdLUxMggxSwl1TLZ0jwlLcXc3MDUcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDYcEl%252BUWb6IsfQxUUpaQyLSopPBZ98uAgA5P0rlA%253D%253D"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcp.crwdcntrl.net
buttons-config.sharethis.com
cdn.clkmc.com
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
l.sharethis.com
platform-api.sharethis.com
platform-cdn.sharethis.com
rightsleeping.com
script.hotjar.com
static.hotjar.com
sync.sharethis.com
t.sharethis.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
rightsleeping.com
108.158.20.53
108.158.32.86
13.250.84.149
157.240.8.23
157.240.8.35
172.217.167.67
18.67.110.93
23.40.52.18
2404:6800:4006:80b::2008
2404:6800:4006:80f::200a
2404:6800:4006:811::200e
2600:9000:277c:7200:c:abe:f440:93a1
2600:9000:277c:7600:1d:85c3:6640:93a1
2606:4700:10::6816:9d7
34.174.103.16
52.8.103.62
54.155.186.43
04cca900d03d79ac562b4524e7ae071c63d61937d508bf049256844b0dbae04d
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
17ea19bb52caa07f6588951442f789aa9aeb2b0f089ac3611c9bda36983e5f9c
17f5cb0091d3b54e3e9aee77fc8c7eb582da9fdc7a931c40ebe2720f40872ef0
1d2601471b719ecfc4be8272cbda074e5ff15c43f8f98c5a1eef506d42800b24
223b2a4c85a7e508c8c95f846e9d7a1eb7d3833d561f5b4e0d998c674d3efb39
23c023792005dbbf706b9c93b04e0ac92f8801e551c49c2b892ab0d99b864648
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
26d5fdad2d76a30af97b14e00420d5fbe3053f626ba38b21189aad56e9ffe023
28d9901ac9ec91563f6f31cc6b85e856df2c67c0606ef6b01fcae34897494947
2aaf42f1717df06f860758d6013325f277e7c709168cea840619f4cabf53f113
2f3a7818f88c8afbe9111ed9f13f12e37a2ad56f87b54dc0dd19b2c372d3f6c8
3170050ba182339c71a5efb9c1d7fc59a2f49251f211031bf7a17502bc4a346d
37272f6ee517a309c6b2dc92172b1c1f34612a542862c8ca762eab55bf6e0abc
381dec9786c31e06ff85ae00a7aa3af357278785ba1318bf4bbfb6a8d7bc3ffb
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3c84e4bfb73bc3e421d40825438a95bfc8a4aafc5cf996eb22aac7f1ae020604
4842f835de39abaa449973e6beb13260b52d1bace5843d2246369fc3e4e8034d
4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
5110c1e29bb22f0c8ae1b7af3c994dd4f580d05d8773f5fb1f031b5ce1560c83
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974
5da274ce6310d42174fbf8369e8737ad5a2db661802d7aeb09ee13da863d7843
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
72f2efcfa06ceb1cc153d0c2ce82dcdb5fc44c63d10b218b62e43b874d1b4cdc
74b4f31ecd217da76fdfa10505d202491536753483ff8bd5b9b0137fe75761f3
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7eb9ad84accfb3b351afe5d85ab06d1392c1ad39fb900a97e192d0c4048a14d9
8b0ceabdff07806ce949c228d047d0824bca1bec4c3c3f83ac2cd077a24e55e5
8d72aca332b452c5f3fdc9ba8d93ac66bc808ad0b177bd56386d2d855bd13658
90c54015f604b0afda8c4dde55bf27f0c580e95bc6449021992247450649fae3
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95fa571d69cb86f61bb40ddd196b9f73c1d3e9946ae758bbbb3f866607c22605
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505
9bec6d410810065a33b1bdc33845882b477f9b1441452fe56e840b846f462641
9f5f9511cc099f65a848e8002427087db937472d1717a28a0790a066abcd4843
a782015ceceb595c8305a944456587c4f2c4b3f0ca82aac8e5c6d7b33138f392
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b0087f151a43cddd4df987cea271bfbcab3d4061d3466ac51ca6d99c4420ad9c
babfb4526a362fd0dd824dfad485addd3b753aced799ddabf6478b78e4e04f25
bdd79fdff282882758d21f0bbaa4d554336150190cc50ad78947b889cee18215
c839222ec3a5037179749a843610820436bf575a591a3e0b45404f1970a2cc56
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce43697d26defc72fa5aa7e3d7f1296cd19ba9a67cad0e2557aacc7702454f4d
d5d879100f1ee06d7bf0e042d5c24f558f036552f9a7fc20d41131b23b307035
de12babcd45b46ad40f4073c83eba31f31efd8eae4b7299631ffb1dc49f780d6
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61c3520c8110a709d981083ddc93cf042c2d2ba25a21903b5df270edb3a05c5
ec4c5fbf75517b8da579b798c4826f83a6f31ddb68d50e4a0bbe528f9bb9ec14
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07fbb6528c41089c608cd0ea3572c3d8518ccef51dbde82eef2493d07047db6
f22691711c373a3444980cc32ab028fa86dad687c1b386e14847a47ce8b88e73
f67e99114807ecac9bba6fbb9f81eea467c50c9f03b59974fe696bdfab6ba227