urlscan.io logo urlscan.io
SecurityTrails logo

rightsleeping.com Open in urlscan Pro
34.174.103.16  Public Scan

Go To Rescan Add Verdict Report
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Submission: On December 14 via api from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 12 domains to perform 57 HTTP transactions. The main IP is 34.174.103.16, located in Dallas, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is rightsleeping.com.
TLS certificate: Issued by R11 on November 22nd 2024. Valid for: 3 months.
This is the only time rightsleeping.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 30 34.174.103.16 396982 (GOOGLE-CL...)
2 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
6 172.217.167.99 15169 (GOOGLE)
1 108.158.32.82 16509 (AMAZON-02)
2 108.158.20.116 16509 (AMAZON-02)
2 157.240.8.23 32934 (FACEBOOK)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.67.110.93 16509 (AMAZON-02)
1 2600:9000:277... 16509 (AMAZON-02)
1 2 52.8.103.62 16509 (AMAZON-02)
2 157.240.8.35 32934 (FACEBOOK)
1 108.128.190.134 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
2 23.40.52.19 20940 (AKAMAI-AS...)
1 13.250.84.149 16509 (AMAZON-02)
1 13.56.46.87 16509 (AMAZON-02)
57 18
30    34.174.103.16 (Dallas, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 16.103.174.34.bc.googleusercontent.com
rightsleeping.com
2    2404:6800:4006:813::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2404:6800:4006:804::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    172.217.167.99 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f3.1e100.net
fonts.gstatic.com
1    108.158.32.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-82.syd3.r.cloudfront.net
static.hotjar.com
2    108.158.20.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-116.syd62.r.cloudfront.net
platform-api.sharethis.com
2    157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net
connect.facebook.net
1    2606:4700:10::6816:8d7 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.clkmc.com
1    18.67.110.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-93.syd62.r.cloudfront.net
script.hotjar.com
1    2600:9000:277c:9a00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
2    52.8.103.62 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-103-62.us-west-1.compute.amazonaws.com
l.sharethis.com
2    157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com
www.facebook.com
1    108.128.190.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-190-134.eu-west-1.compute.amazonaws.com
content.hotjar.io
1    2404:6800:4006:811::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    23.40.52.19 (United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-40-52-19.deploy.static.akamaitechnologies.com
t.sharethis.com
1    13.250.84.149 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-84-149.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    13.56.46.87 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-56-46-87.us-west-1.compute.amazonaws.com
sync.sharethis.com
Apex Domain
Subdomains		 Transfer
30 rightsleeping.com
rightsleeping.com
5 MB
8 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5010
buttons-config.sharethis.com — Cisco Umbrella Rank: 5845
l.sharethis.com — Cisco Umbrella Rank: 5470
t.sharethis.com — Cisco Umbrella Rank: 7050
sync.sharethis.com — Cisco Umbrella Rank: 4116
63 KB
6 gstatic.com
fonts.gstatic.com
62 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
214 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
75 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
61 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
179 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026
613 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 5577
171 B
1 clkmc.com
cdn.clkmc.com — Cisco Umbrella Rank: 148674
21 KB
57 12
Domain Requested by
30 rightsleeping.com 1 redirects rightsleeping.com
6 fonts.gstatic.com fonts.googleapis.com
2 t.sharethis.com platform-api.sharethis.com
t.sharethis.com
2 www.facebook.com rightsleeping.com
2 l.sharethis.com 1 redirects
2 connect.facebook.net rightsleeping.com
connect.facebook.net
2 platform-api.sharethis.com www.googletagmanager.com
platform-api.sharethis.com
2 www.googletagmanager.com rightsleeping.com
www.googletagmanager.com
2 fonts.googleapis.com rightsleeping.com
1 sync.sharethis.com
1 bcp.crwdcntrl.net platform-api.sharethis.com
1 www.google-analytics.com www.googletagmanager.com
1 content.hotjar.io script.hotjar.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 script.hotjar.com static.hotjar.com
1 cdn.clkmc.com www.googletagmanager.com
1 static.hotjar.com rightsleeping.com
57 17

This site contains no links.

Subject Issuer Validity Valid
*.rightsleeping.com
R11		 2024-11-22 -
2025-02-20		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.google-analytics.com
WE2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
sharethis.com
Amazon RSA 2048 M03		 2024-04-19 -
2025-05-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-23 -
2024-12-22		 3 months crt.sh
clkmc.com
WE1		 2024-10-30 -
2025-01-28		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-01-31 -
2025-03-01		 a year crt.sh
cert1-prod.aut.a24365.net
R11		 2024-11-04 -
2025-02-02		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M03		 2024-09-08 -
2025-10-08		 a year crt.sh

This page contains 2 frames:

Primary Page: https://rightsleeping.com/ad/derila-us-ad-5/
Frame ID: BA322FABDF4CE8C849E637F182F45749
Requests: 55 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1620.23405&cid=c010&cls=B
Frame ID: DA61D42D81B70B433B0C9BC7CA5800AE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

5 Reasons Why You Need The Derila Pillow

Page URL History Show full URLs

  1. https://rightsleeping.com/ad/derila-us-ad-5 HTTP 301
    https://rightsleeping.com/ad/derila-us-ad-5/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

57
Requests

96 %
HTTPS

29 %
IPv6

12
Domains

17
Subdomains

18
IPs

4
Countries

5684 kB
Transfer

7190 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rightsleeping.com/ad/derila-us-ad-5 HTTP 301
    https://rightsleeping.com/ad/derila-us-ad-5/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://l.sharethis.com/pview?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-5%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-5%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=5%20Reasons%20Why%20You%20Need%20The%20Derila%20Pillow&cms=unknown&publisher=62ef670c899767001cf551f5&sop=true&version=st_sop.js&lang=en&description=Transform%20your%20sleep%20experience%20and%20wake%20up%20refreshed%20every%20day%20with%20the%20Derila%20pillow!%20Discover%20how%20this%20innovative%20pillow%20combines%20comfort%20with%20health&ua=&ua_mobile=false&ua_full_version_list=&uuid=e81a2543-ecec-4c0c-84a0-0a85612bd3c6 HTTP 301
  • https://l.sharethis.com/sc?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-5%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-5%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=5%20Reasons%20Why%20You%20Need%20The%20Derila%20Pillow&cms=unknown&publisher=62ef670c899767001cf551f5&sop=true&version=st_sop.js&lang=en&description=Transform%20your%20sleep%20experience%20and%20wake%20up%20refreshed%20every%20day%20with%20the%20Derila%20pillow!%20Discover%20how%20this%20innovative%20pillow%20combines%20comfort%20with%20health&ua=&ua_mobile=false&ua_full_version_list=&uuid=e81a2543-ecec-4c0c-84a0-0a85612bd3c6&samesite=None

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rightsleeping.com/ad/derila-us-ad-5/
Redirect Chain
  • https://rightsleeping.com/ad/derila-us-ad-5
  • https://rightsleeping.com/ad/derila-us-ad-5/
57 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f68c32819ddf021e4f6817ae57265dd4a2d03abf0b30f07fb5ea30143465a42b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
link
<https://rightsleeping.com/wp-json/>; rel="https://api.w.org/" <https://rightsleeping.com/wp-json/wp/v2/ad/1525>; rel="alternate"; title="JSON"; type="application/json" <https://rightsleeping.com/?p=1525>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache-enabled
True
x-content-type-options
nosniff
x-httpd-modphp
1
x-proxy-cache
HIT
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 14 Dec 2024 03:31:28 GMT
host-header
6b7412fb82ca5edfd0917e3957f05d89
location
https://rightsleeping.com/ad/derila-us-ad-5/
server
nginx
x-cache-enabled
True
x-content-type-options
nosniff
x-httpd-modphp
1
x-proxy-cache
MISS
x-proxy-cache-info
0301 NC:000000 UP:
x-redirect-by
WordPress
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
slick.css
rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/ 		2 KB
721 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/slick.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"65c4b2e2-6f0"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 08 Feb 2024 10:54:26 GMT
server
nginx
vary
Accept-Encoding
slick-theme.css
rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/ 		3 KB
996 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/slick-theme.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
74b4f31ecd217da76fdfa10505d202491536753483ff8bd5b9b0137fe75761f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"65c4b2e2-c49"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 08 Feb 2024 10:54:26 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/block-library/ 		112 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/css/dist/block-library/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-1c012"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/components/ 		86 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/css/dist/components/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
223b2a4c85a7e508c8c95f846e9d7a1eb7d3833d561f5b4e0d998c674d3efb39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-158b7"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/preferences/ 		1 KB
719 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/css/dist/preferences/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3170050ba182339c71a5efb9c1d7fc59a2f49251f211031bf7a17502bc4a346d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-5bb"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/block-editor/ 		115 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/css/dist/block-editor/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
381dec9786c31e06ff85ae00a7aa3af357278785ba1318bf4bbfb6a8d7bc3ffb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-1ca2a"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/reusable-blocks/ 		542 B
461 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/css/dist/reusable-blocks/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
23c023792005dbbf706b9c93b04e0ac92f8801e551c49c2b892ab0d99b864648

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66a1a165-21e"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 25 Jul 2024 00:50:45 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/patterns/ 		2 KB
840 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/css/dist/patterns/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
17f5cb0091d3b54e3e9aee77fc8c7eb582da9fdc7a931c40ebe2720f40872ef0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66a1a165-6ed"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 25 Jul 2024 00:50:45 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/editor/ 		58 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/css/dist/editor/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9bec6d410810065a33b1bdc33845882b477f9b1441452fe56e840b846f462641

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-e7a3"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
blocks.style.build.css
rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/ 		1 KB
486 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/blocks.style.build.css
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1d2601471b719ecfc4be8272cbda074e5ff15c43f8f98c5a1eef506d42800b24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"65c4b2e2-411"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 08 Feb 2024 10:54:26 GMT
server
nginx
vary
Accept-Encoding
css
fonts.googleapis.com/ 		15 KB
826 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:813::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22c3e32be01d8accada02d536093064df81aa7f0a922dde057e3e5fb8ea240ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 14 Dec 2024 03:31:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 03:31:29 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 14 Dec 2024 03:30:18 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
widget-areas.min.css
rightsleeping.com/wp-content/themes/generatepress/assets/css/components/ 		3 KB
859 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.5.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f67e99114807ecac9bba6fbb9f81eea467c50c9f03b59974fe696bdfab6ba227

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66d96c0f-d1c"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 05 Sep 2024 08:30:07 GMT
server
nginx
vary
Accept-Encoding
main.min.css
rightsleeping.com/wp-content/themes/generatepress/assets/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.5.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c839222ec3a5037179749a843610820436bf575a591a3e0b45404f1970a2cc56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66d96c0f-4c38"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 05 Sep 2024 08:30:07 GMT
server
nginx
vary
Accept-Encoding
style.css
rightsleeping.com/wp-content/themes/generatepress_child/ 		255 B
379 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/themes/generatepress_child/style.css?ver=1659802030
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f22691711c373a3444980cc32ab028fa86dad687c1b386e14847a47ce8b88e73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"62ee91ae-ff"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Sat, 06 Aug 2022 16:07:10 GMT
server
nginx
vary
Accept-Encoding
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Serif+Display%3Aregular%2Citalic&display=auto&ver=3.5.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:813::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
de12babcd45b46ad40f4073c83eba31f31efd8eae4b7299631ffb1dc49f780d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 14 Dec 2024 03:31:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 03:31:29 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 14 Dec 2024 03:31:29 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
jquery.min.js
rightsleeping.com/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"654c1944-15601"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Wed, 08 Nov 2023 23:27:00 GMT
server
nginx
vary
Accept-Encoding
jquery-migrate.min.js
rightsleeping.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"64d557c0-3509"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 10 Aug 2023 21:33:52 GMT
server
nginx
vary
Accept-Encoding
slick.js
rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/ 		87 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/slick.js?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"65c4b2e2-15b7b"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 08 Feb 2024 10:54:26 GMT
server
nginx
vary
Accept-Encoding
logo-1.png
rightsleeping.com/wp-content/uploads/2022/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rightsleeping.com/wp-content/uploads/2022/08/logo-1.png
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
babfb4526a362fd0dd824dfad485addd3b753aced799ddabf6478b78e4e04f25

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

cache-control
max-age=31536000
etag
"62eecfa7-266b"
expires
Sun, 14 Dec 2025 03:31:29 GMT
accept-ranges
bytes
content-length
9835
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/png
last-modified
Sat, 06 Aug 2022 20:31:35 GMT
server
nginx
x-proxy-cache-info
DT:1
smooth-scroll.min.js
rightsleeping.com/wp-content/plugins/gp-premium/general/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.5.0
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ce43697d26defc72fa5aa7e3d7f1296cd19ba9a67cad0e2557aacc7702454f4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66d3245c-1ae3"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Sat, 31 Aug 2024 14:10:36 GMT
server
nginx
vary
Accept-Encoding
ta.js
rightsleeping.com/wp-content/plugins/thirstyaffiliates/js/app/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/plugins/thirstyaffiliates/js/app/ta.js?ver=3.11.2
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
17ea19bb52caa07f6588951442f789aa9aeb2b0f089ac3611c9bda36983e5f9c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"667a3735-2bc0"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Tue, 25 Jun 2024 03:19:17 GMT
server
nginx
vary
Accept-Encoding
menu.min.js
rightsleeping.com/wp-content/themes/generatepress/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.5.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66d96c0f-1ca5"
expires
Sun, 14 Dec 2025 03:31:29 GMT
date
Sat, 14 Dec 2024 03:31:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 05 Sep 2024 08:30:07 GMT
server
nginx
vary
Accept-Encoding
49337a02-8066-4416-958d-54dc8ec69db4
https://rightsleeping.com/ Frame 		0
0
gtm.js
www.googletagmanager.com/ 		216 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M3NWB2W
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f266a3823be5e379cef2d05aadf8b8342b3996b9eec158daef70fa7ff9146f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 14 Dec 2024 03:31:30 GMT
alt-svc
h3=":443"; ma=2592000
date
Sat, 14 Dec 2024 03:31:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 14 Dec 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
78024
x-xss-protection
0
server
Google Tag Manager
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v22/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
318970
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 10:55:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 10:55:20 GMT
last-modified
Wed, 04 Dec 2024 06:53:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2
fonts.gstatic.com/s/dmserifdisplay/v15/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmserifdisplay/v15/-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Serif+Display%3Aregular%2Citalic&display=auto&ver=3.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f3.1e100.net
Software
sffe /
Resource Hash
8b0ceabdff07806ce949c228d047d0824bca1bec4c3c3f83ac2cd077a24e55e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
280634
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 21:34:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 21:34:16 GMT
last-modified
Thu, 24 Aug 2023 17:45:35 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24768
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
313392
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 12:28:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 12:28:18 GMT
last-modified
Wed, 04 Dec 2024 06:53:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
291623
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 18:31:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 18:31:07 GMT
last-modified
Wed, 04 Dec 2024 06:54:05 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f3.1e100.net
Software
sffe /
Resource Hash
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
336055
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 06:10:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 06:10:35 GMT
last-modified
Wed, 04 Dec 2024 06:53:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7632
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f3.1e100.net
Software
sffe /
Resource Hash
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
302039
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 15:37:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 15:37:31 GMT
last-modified
Wed, 04 Dec 2024 06:52:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7824
x-xss-protection
0
server
sffe
Derila-v9.mp4
rightsleeping.com/wp-content/uploads/2023/07/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/uploads/2023/07/Derila-v9.mp4
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
16d59e4b565f28a3b75317b289240e806bc65a2f7f201a8b680e559ff077f806

Request headers

Referer
https://rightsleeping.com/ad/derila-us-ad-5/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=31536000
etag
"64b656f3-20a3c5"
Content-Range
bytes 0-2139076/2139077
expires
Sun, 14 Dec 2025 03:31:30 GMT
Content-Length
2139077
date
Sat, 14 Dec 2024 03:31:30 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
video/mp4
last-modified
Tue, 18 Jul 2023 09:10:11 GMT
server
nginx
x-proxy-cache-info
DT:1
Derila-v11.mp4
rightsleeping.com/wp-content/uploads/2023/07/ 		943 KB
944 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/uploads/2023/07/Derila-v11.mp4
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
fee6f31d9b17216938a66f16155cde2e48069dec78476d41376a52f506d4f6a8

Request headers

Referer
https://rightsleeping.com/ad/derila-us-ad-5/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=31536000
etag
"64b65983-eba57"
Content-Range
bytes 0-965206/965207
expires
Sun, 14 Dec 2025 03:31:30 GMT
Content-Length
965207
date
Sat, 14 Dec 2024 03:31:30 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
video/mp4
last-modified
Tue, 18 Jul 2023 09:21:07 GMT
server
nginx
x-proxy-cache-info
DT:1
Derila-v17.mp4
rightsleeping.com/wp-content/uploads/2023/07/ 		266 KB
266 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/uploads/2023/07/Derila-v17.mp4
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1dbcb2a71a488ca32a43d4fac2fb658fcccf4b1db204a18476af79c0f79e78ec

Request headers

Referer
https://rightsleeping.com/ad/derila-us-ad-5/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=31536000
etag
"64b67e61-4270f"
Content-Range
bytes 0-272142/272143
expires
Sun, 14 Dec 2025 03:31:30 GMT
Content-Length
272143
date
Sat, 14 Dec 2024 03:31:30 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
video/mp4
last-modified
Tue, 18 Jul 2023 11:58:25 GMT
server
nginx
x-proxy-cache-info
DT:1
Derila-v13.mp4
rightsleeping.com/wp-content/uploads/2023/07/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/uploads/2023/07/Derila-v13.mp4
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
de32121808b4c71fb8ee5e8aae85d0020cba63d055c73f61acc1438ddb689f84

Request headers

Referer
https://rightsleeping.com/ad/derila-us-ad-5/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=31536000
etag
"64b6793c-109b74"
Content-Range
bytes 0-1088371/1088372
expires
Sun, 14 Dec 2025 03:31:30 GMT
Content-Length
1088372
date
Sat, 14 Dec 2024 03:31:30 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
video/mp4
last-modified
Tue, 18 Jul 2023 11:36:28 GMT
server
nginx
x-proxy-cache-info
DT:1
Derila-v19.mp4
rightsleeping.com/wp-content/uploads/2023/07/ 		710 KB
711 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/uploads/2023/07/Derila-v19.mp4
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c4d5c0f1821f844cd5387a7ef6af33ffcf528d80fc2f7e36329d4259be84bd43

Request headers

Referer
https://rightsleeping.com/ad/derila-us-ad-5/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=31536000
etag
"64b6815d-b16aa"
Content-Range
bytes 0-726697/726698
expires
Sun, 14 Dec 2025 03:31:30 GMT
Content-Length
726698
date
Sat, 14 Dec 2024 03:31:30 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
video/mp4
last-modified
Tue, 18 Jul 2023 12:11:09 GMT
server
nginx
x-proxy-cache-info
DT:1
wp-emoji-release.min.js
rightsleeping.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-includes/js/wp-emoji-release.min.js?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"660de70a-4926"
expires
Sun, 14 Dec 2025 03:31:30 GMT
date
Sat, 14 Dec 2024 03:31:30 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Wed, 03 Apr 2024 23:32:26 GMT
server
nginx
vary
Accept-Encoding
admin-ajax.php
rightsleeping.com/wp-admin/ 		455 B
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-admin/admin-ajax.php
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5cd39f6c631f1c8a143c274efeb97d4584034f4566b164d919bb024943351ae0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://rightsleeping.com/ad/derila-us-ad-5/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-robots-tag
noindex
content-encoding
br
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
date
Sat, 14 Dec 2024 03:31:30 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
x-proxy-cache-info
DT:1
x-frame-options
SAMEORIGIN
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
https://rightsleeping.com
host-header
8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp
1
server
nginx
js
www.googletagmanager.com/gtag/ 		300 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BNQM7NW6HE&l=dataLayer&cx=c&gtm=45He4cc1v893062484za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3NWB2W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
332e72d733be72c6f807fd0c3225d90b2c6d8a53f5d4d12075850871e380ae82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 14 Dec 2024 03:31:30 GMT
alt-svc
h3=":443"; ma=2592000
date
Sat, 14 Dec 2024 03:31:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104553
x-xss-protection
0
server
Google Tag Manager
hotjar-3140239.js
static.hotjar.com/c/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3140239.js?sv=6
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-82.syd3.r.cloudfront.net
Software
/
Resource Hash
37272f6ee517a309c6b2dc92172b1c1f34612a542862c8ca762eab55bf6e0abc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
br
etag
W/a3ac5ee75b6c14dbe2d53aa97da9fd10
age
34
x-content-type-options
nosniff
x-cache-hit
1
x-cache
Hit from cloudfront
x-amz-cf-id
g4zYiiOi1NoaJmBzqA5t78EBAQn70EJaVVD1UnGbA-XBsMrMz_m2Ow==
date
Sat, 14 Dec 2024 03:30:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
via
1.1 dc5b7b7a6895b629c6cb8eef5910309e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
SYD3-P2
sharethis.js
platform-api.sharethis.com/js/ 		206 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3NWB2W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-116.syd62.r.cloudfront.net
Software
/
Resource Hash
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=600, public
content-encoding
gzip
etag
W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
age
206
via
1.1 6eb4925a459e5104745cfd7f77596766.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
zAT8gOowRZcqigTehHAdtNImuHXgJ3pn2eSRt0u608HBs4oyqIhuig==
edge-control
cache-maxage=60m,downstream-ttl=60m
date
Sat, 14 Dec 2024 03:28:04 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
SYD62-P3
x-frame-options
SAMEORIGIN
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-Fvltk4j1' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 03:31:30 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-Fvltk4j1' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4495, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
Plda6QuFT7x0/vTvrDH0UVcM+GWidXJ073/srRBKUOxqGMuz8nJ35qW6PheeWLIT+fQOs9fv9czStpoiClcfYw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer
0
document-policy
force-load-at-top
content-length
62283
x-xss-protection
0
origin-agent-cluster
?1
cmc.js
cdn.clkmc.com/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.clkmc.com/cmc.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3NWB2W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:8d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da274ce6310d42174fbf8369e8737ad5a2db661802d7aeb09ee13da863d7843

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

access-control-max-age
300
cf-cache-status
HIT
etag
"66e1cc81-527f"
age
794202
x-permitted-cross-domain-policies
none
access-control-allow-methods
GET, POST, OPTIONS
expires
Fri, 03 Jan 2025 22:54:48 GMT
date
Sat, 14 Dec 2024 03:31:30 GMT
content-type
application/javascript
last-modified
Wed, 11 Sep 2024 16:59:45 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control
public, max-age=2592000, no-transform
pragma
public
access-control-allow-credentials
true
cf-ray
8f1b1f138afc4ffd-MEL
accept-ranges
bytes
content-length
21119
server
cloudflare
modules.675199526fcb21f102e5.js
script.hotjar.com/ 		222 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.675199526fcb21f102e5.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3140239.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-93.syd62.r.cloudfront.net
Software
/
Resource Hash
e61c3520c8110a709d981083ddc93cf042c2d2ba25a21903b5df270edb3a05c5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

x-robots-tag
none
content-encoding
br
etag
"787cb060b057c5d555662c23eb0e0d17"
age
307462
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
vIout6QFX8h5smjqSLknXnGQCXCOKS4kZdf0buuDB3awLQ6na3LKDw==
date
Tue, 10 Dec 2024 14:07:08 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 10 Dec 2024 14:06:32 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 df166554184adf2da43f53000107ac74.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56361
x-amz-cf-pop
SYD62-P2
1436609853526364
connect.facebook.net/signals/config/ 		69 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1436609853526364?v=2.9.179&r=stable&domain=rightsleeping.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
2aaf42f1717df06f860758d6013325f277e7c709168cea840619f4cabf53f113
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-BCZAY8Pq' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 03:31:30 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-BCZAY8Pq' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=77, mss=1232, tbw=71278, tp=67, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
bswoir9byIJaut72/WLFvdJwj+OVm2PHj6z21U5NOMCZjLYbDNjiALK0B+mL7dAtCrpNggA8TlnwxwjuTeqkqQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
14185
x-xss-protection
0
origin-agent-cluster
?1
62ef670c899767001cf551f5.js
buttons-config.sharethis.com/js/ 		591 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/62ef670c899767001cf551f5.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:9a00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdd79fdff282882758d21f0bbaa4d554336150190cc50ad78947b889cee18215
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

etag
"003fac9805946cf8bd2244181e9c96ca"
age
30
x-cache
Hit from cloudfront
x-amz-cf-id
qvg11I_a0-QwpCQQy2UVm3fB2Q4g6a4Za2irUGC-Eca6nBGK5Eibzw==
date
Sat, 14 Dec 2024 03:31:01 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Sun, 07 Aug 2022 07:31:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=60
via
1.1 35e7be28d84a15b9277bceb653af4b4c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
591
x-amz-cf-pop
SYD3-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
sc
l.sharethis.com/
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-5%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-5%2F&source=sharethis.js&...
  • https://l.sharethis.com/sc?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-5%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-5%2F&source=sharethis.js&fcm...
176 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/sc?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-5%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-5%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=5%20Reasons%20Why%20You%20Need%20The%20Derila%20Pillow&cms=unknown&publisher=62ef670c899767001cf551f5&sop=true&version=st_sop.js&lang=en&description=Transform%20your%20sleep%20experience%20and%20wake%20up%20refreshed%20every%20day%20with%20the%20Derila%20pillow!%20Discover%20how%20this%20innovative%20pillow%20combines%20comfort%20with%20health&ua=&ua_mobile=false&ua_full_version_list=&uuid=e81a2543-ecec-4c0c-84a0-0a85612bd3c6&samesite=None
Protocol
HTTP/1.1
Server
52.8.103.62 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-103-62.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
126af35cfa0111c14564d2ffd8be1ba831b035041f02cf76802e0c9648253458
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Access-Control-Max-Age
1728000
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
true
Stid
ZGiABGdc/BMAAAAIECSSAw==
Access-Control-Allow-Origin
https://rightsleeping.com
Content-Length
176
Date
Sat, 14 Dec 2024 03:31:31 GMT
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Headers
*

Redirect headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Access-Control-Max-Age
1728000
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Location
/sc?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-5%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-5%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=5%20Reasons%20Why%20You%20Need%20The%20Derila%20Pillow&cms=unknown&publisher=62ef670c899767001cf551f5&sop=true&version=st_sop.js&lang=en&description=Transform%20your%20sleep%20experience%20and%20wake%20up%20refreshed%20every%20day%20with%20the%20Derila%20pillow!%20Discover%20how%20this%20innovative%20pillow%20combines%20comfort%20with%20health&ua=&ua_mobile=false&ua_full_version_list=&uuid=e81a2543-ecec-4c0c-84a0-0a85612bd3c6&samesite=None
Connection
keep-alive
Access-Control-Allow-Credentials
true
Stid
ZGiABGdc/BMAAAAIECSSAw==
Access-Control-Allow-Origin
https://rightsleeping.com
Content-Length
779
Date
Sat, 14 Dec 2024 03:31:31 GMT
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
*
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1436609853526364&ev=PageView&dl=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-5%2F&rl=&if=false&ts=1734147090596&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734147090595.32114711369078559&ler=empty&cdl=API_unavailable&it=1734147090549&coo=false&rqm=GET
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4541, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 14 Dec 2024 03:31:30 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1436609853526364&ev=PageView&dl=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-5%2F&rl=&if=false&ts=1734147090596&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734147090595.32114711369078559&ler=empty&cdl=API_unavailable&it=1734147090549&coo=false&rqm=FGET
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7448105039204351529"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 03:31:30 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
jIrf30eC8LGISLo8x9wWc+8TCUlpe9raQy/I9cbPy2AZ7PIO0ixJm0NYkXqVkHEX2fapzdGN332b6VlhTIJUYw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7448105039204351529", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4909, tp=13, tpl=0, uplat=272, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
/
content.hotjar.io/ 		56 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=3140239&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.675199526fcb21f102e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.128.190.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-190-134.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0ef56b8ec0971e8887247d2e67d599dfc72b6516637e8157f6d74b02538544cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8
Referer
https://rightsleeping.com/

Response headers

access-control-max-age
86400
access-control-allow-origin
*
content-length
56
date
Sat, 14 Dec 2024 03:31:31 GMT
content-type
application/json
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BNQM7NW6HE&gtm=45je4cc1v893076787z8893062484za200zb893062484&_p=1734147089900&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1445329484.1734147091&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734147090&sct=1&seg=0&dl=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-5%2F&dt=5%20Reasons%20Why%20You%20Need%20The%20Derila%20Pillow&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2688
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BNQM7NW6HE&l=dataLayer&cx=c&gtm=45He4cc1v893062484za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://rightsleeping.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 03:31:31 GMT
content-type
text/plain
server
Golfe2
logo-1-100x100.png
rightsleeping.com/wp-content/uploads/2022/08/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://rightsleeping.com/wp-content/uploads/2022/08/logo-1-100x100.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ec4c5fbf75517b8da579b798c4826f83a6f31ddb68d50e4a0bbe528f9bb9ec14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-5/

Response headers

cache-control
max-age=31536000
etag
"65ceb8de-621"
expires
Sun, 14 Dec 2025 03:31:31 GMT
accept-ranges
bytes
content-length
1569
date
Sat, 14 Dec 2024 03:31:31 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/png
last-modified
Fri, 16 Feb 2024 01:22:38 GMT
server
nginx
x-proxy-cache-info
DT:1
t.dhj
t.sharethis.com/1/k/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=B&dmn=rightsleeping.com&rnd=1734147091486
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.52.19 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-40-52-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
90c54015f604b0afda8c4dde55bf27f0c580e95bc6449021992247450649fae3
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
Cache-Control
private, max-age=3600
Content-Encoding
gzip
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Sat, 14 Dec 2024 04:31:31 GMT
Content-Length
1385
Date
Sat, 14 Dec 2024 03:31:31 GMT
Content-Type
text/javascript
panorama.js
platform-api.sharethis.com/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/panorama.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-116.syd62.r.cloudfront.net
Software
/
Resource Hash
a782015ceceb595c8305a944456587c4f2c4b3f0ca82aac8e5c6d7b33138f392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=3600
content-encoding
gzip
etag
W/"9a71-1934f7555b0"
age
1031
via
1.1 6eb4925a459e5104745cfd7f77596766.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
x-amz-cf-id
q04un-mqfJdvVMiI8KH_-s8xsB8TiNcNyydMzy7YgE5b9YxDrvLEdg==
date
Sat, 14 Dec 2024 03:14:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 21 Nov 2024 16:01:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
SYD62-P3
x-frame-options
SAMEORIGIN
map
bcp.crwdcntrl.net/6/ 		235 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/panorama.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.84.149 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-84-149.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
8b7b381c594952be505e3dda0ebce03f14d5ec1621154af1e2348218e9c5415a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://rightsleeping.com/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://rightsleeping.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
235
date
Sat, 14 Dec 2024 03:31:31 GMT
content-type
application/json;charset=utf-8
x-server
10.42.22.40
server
Jetty(9.4.38.v20210224)
t_.htm
t.sharethis.com/a/ Frame DA61 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1620.23405&cid=c010&cls=B
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=B&dmn=rightsleeping.com&rnd=1734147091486
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.52.19 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-40-52-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://rightsleeping.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1190
Content-Type
text/html
Date
Sat, 14 Dec 2024 03:31:31 GMT
Expires
Sat, 21 Dec 2024 03:31:31 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
panorama
sync.sharethis.com/ 		42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/panorama?uid=bf8fa5d060afd1d674957914438816d53938c74d397d2903f98b5a9014b43c50&stid=ZGiABGdc%2FBMAAAAIECSSAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.56.46.87 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-46-87.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

Stid
ZGiABGdc/BMAAAAIECSSAw==
Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Content-Length
42
Date
Sat, 14 Dec 2024 03:31:32 GMT
Content-Type
image/gif
Connection
keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rightsleeping.com
URL
blob:https://rightsleeping.com/49337a02-8066-4416-958d-54dc8ec69db4

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| _wpemojiSettings function| jQuery object| dataLayer object| gpSmoothScroll object| gpscroll function| SmoothScroll object| thirsty_global_vars object| thirstyFunctions object| generatepressMenu object| google_tag_manager object| google_tag_data function| hj object| _hjSettings function| fbq function| _fbq object| clickmagick_cmc object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| twemoji object| wp object| st object| __stdos__ boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields boolean| clickmagick_cmc_loaded_previously function| onYouTubeIframeAPIReady object| gaGlobal object| lotame_sync_16621 function| lotameIsCompatible function| sync16621_aa function| sync16621_c function| sync16621_f object| sync16621_h function| sync16621_ca function| sync16621_j function| sync16621_da object| sync16621_ object| sync16621_ga object| sync16621_v object| sync16621_oa object| sync16621_xa object| sync16621_ya function| sync16621_a function| sync16621_b function| sync16621_g function| sync16621_i function| sync16621_k function| sync16621_l function| sync16621_m function| sync16621_n function| sync16621_o function| sync16621_p function| sync16621_q function| sync16621_r function| sync16621_fa function| sync16621_ea function| sync16621_s function| sync16621_t function| sync16621_u function| sync16621_w function| sync16621_ha function| sync16621_ia function| sync16621_y function| sync16621_ja function| sync16621_z function| sync16621_A function| sync16621_x function| sync16621_B function| sync16621_ka function| sync16621_C function| sync16621_D function| sync16621_E function| sync16621_F function| sync16621_G function| sync16621_H function| sync16621_I function| sync16621_J function| sync16621_K function| sync16621_L function| sync16621_la function| sync16621_ma function| sync16621_na function| sync16621_M function| sync16621_N function| sync16621_pa function| sync16621_O function| sync16621_qa function| sync16621_ra function| sync16621_sa function| sync16621_P function| sync16621_ta function| sync16621_ua function| sync16621_va function| sync16621_wa function| sync16621_Q function| sync16621_R function| sync16621_za function| sync16621_S function| sync16621_T function| sync16621_U function| sync16621_V function| sync16621_Aa function| sync16621_W function| sync16621_X function| sync16621_Y function| sync16621_Z function| sync16621__ function| sync16621_0 function| sync16621_Ea function| sync16621_Ba function| sync16621_1 function| sync16621_Da function| sync16621_Ca function| sync16621_2 function| sync16621_3 function| sync16621_4 function| sync16621_5 function| sync16621_Ga function| sync16621_Ha function| sync16621_Ja function| sync16621_Fa function| sync16621_7 function| sync16621_Ia function| sync16621_La function| sync16621_Ka function| sync16621_8 function| sync16621_6 function| sync16621_9 function| sync16621_Ma function| sync16621_Na function| sync16621_Oa function| sync16621_Pa function| sync16621_$ function| sync16621_Qa function| sync16621_Ra function| sync16621_Sa function| sync16621_Ta

25 Cookies

Domain/Path Name / Value
.rightsleeping.com/ Name: _fbp
Value: fb.1.1734147090595.32114711369078559
.rightsleeping.com/ Name: _hjSessionUser_3140239
Value: eyJpZCI6ImUwN2NiMjAyLTYzNzItNTk0Yi1hYWNjLWQ4M2FkNmUyMDhlMCIsImNyZWF0ZWQiOjE3MzQxNDcwOTA2NzMsImV4aXN0aW5nIjp0cnVlfQ==
.rightsleeping.com/ Name: _hjSession_3140239
Value: eyJpZCI6IjU4NzlhZDZiLWFhZTEtNDY5Ny05ZDVlLTFhMTllMzlhM2Q2YSIsImMiOjE3MzQxNDcwOTA2NzMsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.rightsleeping.com/ Name: _ga_BNQM7NW6HE
Value: GS1.1.1734147090.1.0.1734147090.0.0.0
.rightsleeping.com/ Name: _ga
Value: GA1.1.1445329484.1734147091
.sharethis.com/ Name: __stid
Value: ZGiABGdc/BMAAAAIECSSAw==
.sharethis.com/ Name: __stidv
Value: 2
.rightsleeping.com/ Name: fpestid
Value: T0HRfs8T8uodRUUiGsAxHHk4sfR6YI6v_FKN3NNvElxEUYgNgqTrgTceIlyUoIPEkGubzA
.t.sharethis.com/ Name: pxcelPage_default_c010_B
Value: 0_6_1734147091686
.adsrvr.org/ Name: TDID
Value: c4ab29f1-7b01-4a20-aa2e-85d580dbd040
.eyeota.net/ Name: mako_uid
Value: 193c338ad3a-53940000010d5868
.eyeota.net/ Name: SERVERID
Value: 22632~DM
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiAx-KL0f7NPRAFOAE.
.crwdcntrl.net/ Name: _cc_id
Value: 1b45ea8eba75b774b46220236437f5ce
.rightsleeping.com/ Name: _cc_id
Value: 1b45ea8eba75b774b46220236437f5ce
.rightsleeping.com/ Name: panoramaId_expiry
Value: 1734751891765
.rightsleeping.com/ Name: panoramaId
Value: bf8fa5d060afd1d674957914438816d53938c74d397d2903f98b5a9014b43c50
.rightsleeping.com/ Name: panoramaIdType
Value: panoIndiv
.yahoo.com/ Name: A3
Value: d=AQABBBP8XGcCEKHFMVtnyICSC1elIWmHXJoFEgEBAQFNXmdmZw0BxyMA_eMAAA&S=AQAAAmOM19hYG2j7vZagsAkvu8s
.ml314.com/ Name: pi
Value: 3649106405901205539
.analytics.yahoo.com/ Name: IDSYNC
Value: 19b8~2mdf
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.rlcdn.com/ Name: pxrc
Value: CJT487oGEgUI6AcQABIFCNtOEAA=
.exelator.com/ Name: EE
Value: "f60d571606dea0be4fc07450bb532302"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHNzCDF1NzQzMAsJTXRICnVJC3ZwNzE1CApydTYyNjAaHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDYcEl%252BUWb6IsfQxUUpaQyLSopPBZ98OAcAkBsqnw%253D%253D"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcp.crwdcntrl.net
buttons-config.sharethis.com
cdn.clkmc.com
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
l.sharethis.com
platform-api.sharethis.com
rightsleeping.com
script.hotjar.com
static.hotjar.com
sync.sharethis.com
t.sharethis.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
rightsleeping.com
108.128.190.134
108.158.20.116
108.158.32.82
13.250.84.149
13.56.46.87
157.240.8.23
157.240.8.35
172.217.167.99
18.67.110.93
23.40.52.19
2404:6800:4006:804::2008
2404:6800:4006:811::200e
2404:6800:4006:813::200a
2600:9000:277c:9a00:c:abe:f440:93a1
2606:4700:10::6816:8d7
34.174.103.16
52.8.103.62
0ef56b8ec0971e8887247d2e67d599dfc72b6516637e8157f6d74b02538544cd
126af35cfa0111c14564d2ffd8be1ba831b035041f02cf76802e0c9648253458
16d59e4b565f28a3b75317b289240e806bc65a2f7f201a8b680e559ff077f806
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
17ea19bb52caa07f6588951442f789aa9aeb2b0f089ac3611c9bda36983e5f9c
17f5cb0091d3b54e3e9aee77fc8c7eb582da9fdc7a931c40ebe2720f40872ef0
1d2601471b719ecfc4be8272cbda074e5ff15c43f8f98c5a1eef506d42800b24
1dbcb2a71a488ca32a43d4fac2fb658fcccf4b1db204a18476af79c0f79e78ec
223b2a4c85a7e508c8c95f846e9d7a1eb7d3833d561f5b4e0d998c674d3efb39
22c3e32be01d8accada02d536093064df81aa7f0a922dde057e3e5fb8ea240ff
23c023792005dbbf706b9c93b04e0ac92f8801e551c49c2b892ab0d99b864648
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
2aaf42f1717df06f860758d6013325f277e7c709168cea840619f4cabf53f113
3170050ba182339c71a5efb9c1d7fc59a2f49251f211031bf7a17502bc4a346d
332e72d733be72c6f807fd0c3225d90b2c6d8a53f5d4d12075850871e380ae82
37272f6ee517a309c6b2dc92172b1c1f34612a542862c8ca762eab55bf6e0abc
381dec9786c31e06ff85ae00a7aa3af357278785ba1318bf4bbfb6a8d7bc3ffb
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3f266a3823be5e379cef2d05aadf8b8342b3996b9eec158daef70fa7ff9146f2
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974
5cd39f6c631f1c8a143c274efeb97d4584034f4566b164d919bb024943351ae0
5da274ce6310d42174fbf8369e8737ad5a2db661802d7aeb09ee13da863d7843
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
74b4f31ecd217da76fdfa10505d202491536753483ff8bd5b9b0137fe75761f3
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8b0ceabdff07806ce949c228d047d0824bca1bec4c3c3f83ac2cd077a24e55e5
8b7b381c594952be505e3dda0ebce03f14d5ec1621154af1e2348218e9c5415a
90c54015f604b0afda8c4dde55bf27f0c580e95bc6449021992247450649fae3
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505
9bec6d410810065a33b1bdc33845882b477f9b1441452fe56e840b846f462641
a782015ceceb595c8305a944456587c4f2c4b3f0ca82aac8e5c6d7b33138f392
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
babfb4526a362fd0dd824dfad485addd3b753aced799ddabf6478b78e4e04f25
bdd79fdff282882758d21f0bbaa4d554336150190cc50ad78947b889cee18215
c4d5c0f1821f844cd5387a7ef6af33ffcf528d80fc2f7e36329d4259be84bd43
c839222ec3a5037179749a843610820436bf575a591a3e0b45404f1970a2cc56
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce43697d26defc72fa5aa7e3d7f1296cd19ba9a67cad0e2557aacc7702454f4d
de12babcd45b46ad40f4073c83eba31f31efd8eae4b7299631ffb1dc49f780d6
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de32121808b4c71fb8ee5e8aae85d0020cba63d055c73f61acc1438ddb689f84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61c3520c8110a709d981083ddc93cf042c2d2ba25a21903b5df270edb3a05c5
ec4c5fbf75517b8da579b798c4826f83a6f31ddb68d50e4a0bbe528f9bb9ec14
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22691711c373a3444980cc32ab028fa86dad687c1b386e14847a47ce8b88e73
f67e99114807ecac9bba6fbb9f81eea467c50c9f03b59974fe696bdfab6ba227
f68c32819ddf021e4f6817ae57265dd4a2d03abf0b30f07fb5ea30143465a42b
fee6f31d9b17216938a66f16155cde2e48069dec78476d41376a52f506d4f6a8