URL: https://rightsleeping.com/ad/derila-us-ad-4/
Submission: On December 14 via api from AU — Scanned from AU

Summary

This website contacted 17 IPs in 4 countries across 12 domains to perform 54 HTTP transactions. The main IP is 34.174.103.16, located in Dallas, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is rightsleeping.com.
TLS certificate: Issued by R11 on November 22nd 2024. Valid for: 3 months.
This is the only time rightsleeping.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 34.174.103.16 396982 (GOOGLE-CL...)
2 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
5 172.217.167.67 15169 (GOOGLE)
1 108.158.32.82 16509 (AMAZON-02)
2 108.158.20.113 16509 (AMAZON-02)
2 157.240.8.23 32934 (FACEBOOK)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.67.110.93 16509 (AMAZON-02)
1 2600:9000:277... 16509 (AMAZON-02)
1 3 13.56.46.87 16509 (AMAZON-02)
2 157.240.8.35 32934 (FACEBOOK)
1 108.128.190.134 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
2 23.40.52.18 20940 (AKAMAI-AS...)
1 13.228.141.68 16509 (AMAZON-02)
54 17
Apex Domain
Subdomains
Transfer
28 rightsleeping.com
rightsleeping.com
459 KB
8 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 5010
buttons-config.sharethis.com — Cisco Umbrella Rank: 5845
l.sharethis.com — Cisco Umbrella Rank: 5470
t.sharethis.com — Cisco Umbrella Rank: 7050
sync.sharethis.com — Cisco Umbrella Rank: 4116
63 KB
5 gstatic.com
fonts.gstatic.com
55 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
216 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
75 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
61 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
179 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026
693 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 5577
171 B
1 clkmc.com
cdn.clkmc.com — Cisco Umbrella Rank: 148674
21 KB
54 12
Domain Requested by
28 rightsleeping.com 1 redirects rightsleeping.com
5 fonts.gstatic.com fonts.googleapis.com
2 t.sharethis.com platform-api.sharethis.com
t.sharethis.com
2 www.facebook.com rightsleeping.com
2 l.sharethis.com 1 redirects
2 connect.facebook.net rightsleeping.com
connect.facebook.net
2 platform-api.sharethis.com www.googletagmanager.com
platform-api.sharethis.com
2 www.googletagmanager.com rightsleeping.com
www.googletagmanager.com
2 fonts.googleapis.com rightsleeping.com
1 sync.sharethis.com
1 bcp.crwdcntrl.net platform-api.sharethis.com
1 www.google-analytics.com www.googletagmanager.com
1 content.hotjar.io script.hotjar.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 script.hotjar.com static.hotjar.com
1 cdn.clkmc.com www.googletagmanager.com
1 static.hotjar.com rightsleeping.com
54 17

This site contains links to these domains. Also see Links.

Domain
get-derila.com
Subject Issuer Validity Valid
*.rightsleeping.com
R11
2024-11-22 -
2025-02-20
3 months crt.sh
upload.video.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.google-analytics.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.gstatic.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03
2024-05-22 -
2025-06-20
a year crt.sh
sharethis.com
Amazon RSA 2048 M03
2024-04-19 -
2025-05-17
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-23 -
2024-12-22
3 months crt.sh
clkmc.com
WE1
2024-10-30 -
2025-01-28
3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02
2024-01-31 -
2025-03-01
a year crt.sh
cert1-prod.aut.a24365.net
R11
2024-11-04 -
2025-02-02
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M03
2024-09-08 -
2025-10-08
a year crt.sh

This page contains 2 frames:

Primary Page: https://rightsleeping.com/ad/derila-us-ad-4/
Frame ID: A499C9D565A543A0CD448B63643BE15A
Requests: 52 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1620.23405&cid=c010&cls=B
Frame ID: 46B339748401CA04C0C0B196570012E7
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Sleeping with pain? This innovative product may just be what your body needs!

Page URL History Show full URLs

  1. https://rightsleeping.com/ad/derila-us-ad-4 HTTP 301
    https://rightsleeping.com/ad/derila-us-ad-4/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

54
Requests

96 %
HTTPS

31 %
IPv6

12
Domains

17
Subdomains

17
IPs

4
Countries

915 kB
Transfer

2445 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rightsleeping.com/ad/derila-us-ad-4 HTTP 301
    https://rightsleeping.com/ad/derila-us-ad-4/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://l.sharethis.com/pview?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-4%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-4%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Sleeping%20with%20pain%3F%20This%20innovative%20product%20may%20just%20be%20what%20your%20body%20needs!&cms=unknown&publisher=62ef670c899767001cf551f5&sop=true&version=st_sop.js&lang=en&description=ATTENTION!%20The%20original%20Derila%20pillow%20can%20only%20be%20purchased%20on%20the%20official%20website%20here%3E%3E&ua=&ua_mobile=false&ua_full_version_list=&uuid=40ba4d5a-cffe-4ff4-ae65-846bdaa5f520 HTTP 301
  • https://l.sharethis.com/sc?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-4%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-4%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Sleeping%20with%20pain%3F%20This%20innovative%20product%20may%20just%20be%20what%20your%20body%20needs!&cms=unknown&publisher=62ef670c899767001cf551f5&sop=true&version=st_sop.js&lang=en&description=ATTENTION!%20The%20original%20Derila%20pillow%20can%20only%20be%20purchased%20on%20the%20official%20website%20here%3E%3E&ua=&ua_mobile=false&ua_full_version_list=&uuid=40ba4d5a-cffe-4ff4-ae65-846bdaa5f520&samesite=None

54 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rightsleeping.com/ad/derila-us-ad-4/
Redirect Chain
  • https://rightsleeping.com/ad/derila-us-ad-4
  • https://rightsleeping.com/ad/derila-us-ad-4/
76 KB
17 KB
Document
General
Full URL
https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
120206675748e9d5d49750a146ecbe5954cf11fa5f09e2ccffe520dab330d759
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 14 Dec 2024 03:45:34 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
link
<https://rightsleeping.com/wp-json/>; rel="https://api.w.org/" <https://rightsleeping.com/wp-json/wp/v2/ad/1485>; rel="alternate"; title="JSON"; type="application/json" <https://rightsleeping.com/?p=1485>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache-enabled
True
x-content-type-options
nosniff
x-httpd-modphp
1
x-proxy-cache
HIT
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 14 Dec 2024 03:45:34 GMT
host-header
6b7412fb82ca5edfd0917e3957f05d89
location
https://rightsleeping.com/ad/derila-us-ad-4/
server
nginx
x-cache-enabled
True
x-content-type-options
nosniff
x-httpd-modphp
1
x-proxy-cache
MISS
x-proxy-cache-info
0301 NC:000000 UP:
x-redirect-by
WordPress
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
slick.css
rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/
2 KB
721 B
Stylesheet
General
Full URL
https://rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/slick.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"65c4b2e2-6f0"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 08 Feb 2024 10:54:26 GMT
server
nginx
vary
Accept-Encoding
slick-theme.css
rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/
3 KB
996 B
Stylesheet
General
Full URL
https://rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/slick-theme.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
74b4f31ecd217da76fdfa10505d202491536753483ff8bd5b9b0137fe75761f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"65c4b2e2-c49"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 08 Feb 2024 10:54:26 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/block-library/
112 KB
14 KB
Stylesheet
General
Full URL
https://rightsleeping.com/wp-includes/css/dist/block-library/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-1c012"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/components/
86 KB
12 KB
Stylesheet
General
Full URL
https://rightsleeping.com/wp-includes/css/dist/components/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
223b2a4c85a7e508c8c95f846e9d7a1eb7d3833d561f5b4e0d998c674d3efb39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-158b7"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/preferences/
1 KB
719 B
Stylesheet
General
Full URL
https://rightsleeping.com/wp-includes/css/dist/preferences/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3170050ba182339c71a5efb9c1d7fc59a2f49251f211031bf7a17502bc4a346d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-5bb"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/block-editor/
115 KB
15 KB
Stylesheet
General
Full URL
https://rightsleeping.com/wp-includes/css/dist/block-editor/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
381dec9786c31e06ff85ae00a7aa3af357278785ba1318bf4bbfb6a8d7bc3ffb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-1ca2a"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/reusable-blocks/
542 B
461 B
Stylesheet
General
Full URL
https://rightsleeping.com/wp-includes/css/dist/reusable-blocks/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
23c023792005dbbf706b9c93b04e0ac92f8801e551c49c2b892ab0d99b864648

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66a1a165-21e"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 25 Jul 2024 00:50:45 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/patterns/
2 KB
840 B
Stylesheet
General
Full URL
https://rightsleeping.com/wp-includes/css/dist/patterns/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
17f5cb0091d3b54e3e9aee77fc8c7eb582da9fdc7a931c40ebe2720f40872ef0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66a1a165-6ed"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 25 Jul 2024 00:50:45 GMT
server
nginx
vary
Accept-Encoding
style.min.css
rightsleeping.com/wp-includes/css/dist/editor/
58 KB
9 KB
Stylesheet
General
Full URL
https://rightsleeping.com/wp-includes/css/dist/editor/style.min.css?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9bec6d410810065a33b1bdc33845882b477f9b1441452fe56e840b846f462641

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"6740bd03-e7a3"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Fri, 22 Nov 2024 17:18:59 GMT
server
nginx
vary
Accept-Encoding
blocks.style.build.css
rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/
1 KB
486 B
Stylesheet
General
Full URL
https://rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/blocks.style.build.css
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1d2601471b719ecfc4be8272cbda074e5ff15c43f8f98c5a1eef506d42800b24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"65c4b2e2-411"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 08 Feb 2024 10:54:26 GMT
server
nginx
vary
Accept-Encoding
css
fonts.googleapis.com/
15 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80f::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22c3e32be01d8accada02d536093064df81aa7f0a922dde057e3e5fb8ea240ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 14 Dec 2024 03:45:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 03:45:35 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 14 Dec 2024 03:31:01 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
widget-areas.min.css
rightsleeping.com/wp-content/themes/generatepress/assets/css/components/
3 KB
859 B
Stylesheet
General
Full URL
https://rightsleeping.com/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.5.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f67e99114807ecac9bba6fbb9f81eea467c50c9f03b59974fe696bdfab6ba227

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66d96c0f-d1c"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 05 Sep 2024 08:30:07 GMT
server
nginx
vary
Accept-Encoding
main.min.css
rightsleeping.com/wp-content/themes/generatepress/assets/css/
19 KB
4 KB
Stylesheet
General
Full URL
https://rightsleeping.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.5.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c839222ec3a5037179749a843610820436bf575a591a3e0b45404f1970a2cc56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66d96c0f-4c38"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Thu, 05 Sep 2024 08:30:07 GMT
server
nginx
vary
Accept-Encoding
style.css
rightsleeping.com/wp-content/themes/generatepress_child/
255 B
379 B
Stylesheet
General
Full URL
https://rightsleeping.com/wp-content/themes/generatepress_child/style.css?ver=1659802030
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f22691711c373a3444980cc32ab028fa86dad687c1b386e14847a47ce8b88e73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"62ee91ae-ff"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
text/css
last-modified
Sat, 06 Aug 2022 16:07:10 GMT
server
nginx
vary
Accept-Encoding
css
fonts.googleapis.com/
16 KB
917 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Serif+Display%3Aregular%2Citalic&display=auto&ver=3.5.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80f::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
de12babcd45b46ad40f4073c83eba31f31efd8eae4b7299631ffb1dc49f780d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 14 Dec 2024 03:45:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 03:45:35 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 14 Dec 2024 03:30:50 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
jquery.min.js
rightsleeping.com/wp-includes/js/jquery/
86 KB
29 KB
Script
General
Full URL
https://rightsleeping.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"654c1944-15601"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Wed, 08 Nov 2023 23:27:00 GMT
server
nginx
vary
Accept-Encoding
jquery-migrate.min.js
rightsleeping.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://rightsleeping.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"64d557c0-3509"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 10 Aug 2023 21:33:52 GMT
server
nginx
vary
Accept-Encoding
slick.js
rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/
87 KB
14 KB
Script
General
Full URL
https://rightsleeping.com/wp-content/plugins/algori-image-video-slider/dist/slick/slick.js?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"65c4b2e2-15b7b"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 08 Feb 2024 10:54:26 GMT
server
nginx
vary
Accept-Encoding
logo-1.png
rightsleeping.com/wp-content/uploads/2022/08/
10 KB
10 KB
Image
General
Full URL
https://rightsleeping.com/wp-content/uploads/2022/08/logo-1.png
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
babfb4526a362fd0dd824dfad485addd3b753aced799ddabf6478b78e4e04f25

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

cache-control
max-age=31536000
etag
"62eecfa7-266b"
expires
Sun, 14 Dec 2025 03:45:35 GMT
accept-ranges
bytes
content-length
9835
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/png
last-modified
Sat, 06 Aug 2022 20:31:35 GMT
server
nginx
x-proxy-cache-info
DT:1
Derila-216.jpeg
rightsleeping.com/wp-content/uploads/2023/07/
206 KB
206 KB
Image
General
Full URL
https://rightsleeping.com/wp-content/uploads/2023/07/Derila-216.jpeg
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
dbd2d951b8e5194fc17448c50091a3101650ae49529d8ec220171dbbdf25c54f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

cache-control
max-age=31536000
etag
"64b503d2-3363d"
expires
Sun, 14 Dec 2025 03:45:35 GMT
accept-ranges
bytes
content-length
210493
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/jpeg
last-modified
Mon, 17 Jul 2023 09:03:14 GMT
server
nginx
x-proxy-cache-info
DT:1
image-e1704037893183-1024x70.png
rightsleeping.com/wp-content/uploads/2023/12/
22 KB
23 KB
Image
General
Full URL
https://rightsleeping.com/wp-content/uploads/2023/12/image-e1704037893183-1024x70.png
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c551a778d461b83f9bb318403bd5b33382e043d952d01bb2ea11e0d449845c31

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

cache-control
max-age=31536000
etag
"65918e05-59c0"
expires
Sun, 14 Dec 2025 03:45:35 GMT
accept-ranges
bytes
content-length
22976
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/png
last-modified
Sun, 31 Dec 2023 15:51:33 GMT
server
nginx
x-proxy-cache-info
DT:1
Derila-217.jpeg
rightsleeping.com/wp-content/uploads/2023/07/
81 KB
81 KB
Image
General
Full URL
https://rightsleeping.com/wp-content/uploads/2023/07/Derila-217.jpeg
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a1dd01b6639d2bca0a255f1eb5dd2dea626549ad573755c2c3a7952afa813524

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

cache-control
max-age=31536000
etag
"64b51b29-14338"
expires
Sun, 14 Dec 2025 03:45:35 GMT
accept-ranges
bytes
content-length
82744
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/jpeg
last-modified
Mon, 17 Jul 2023 10:42:49 GMT
server
nginx
x-proxy-cache-info
DT:1
smooth-scroll.min.js
rightsleeping.com/wp-content/plugins/gp-premium/general/js/
7 KB
3 KB
Script
General
Full URL
https://rightsleeping.com/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.5.0
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ce43697d26defc72fa5aa7e3d7f1296cd19ba9a67cad0e2557aacc7702454f4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66d3245c-1ae3"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Sat, 31 Aug 2024 14:10:36 GMT
server
nginx
vary
Accept-Encoding
ta.js
rightsleeping.com/wp-content/plugins/thirstyaffiliates/js/app/
11 KB
3 KB
Script
General
Full URL
https://rightsleeping.com/wp-content/plugins/thirstyaffiliates/js/app/ta.js?ver=3.11.2
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
17ea19bb52caa07f6588951442f789aa9aeb2b0f089ac3611c9bda36983e5f9c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"667a3735-2bc0"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Tue, 25 Jun 2024 03:19:17 GMT
server
nginx
vary
Accept-Encoding
menu.min.js
rightsleeping.com/wp-content/themes/generatepress/assets/js/
7 KB
2 KB
Script
General
Full URL
https://rightsleeping.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.5.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"66d96c0f-1ca5"
expires
Sun, 14 Dec 2025 03:45:35 GMT
date
Sat, 14 Dec 2024 03:45:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Thu, 05 Sep 2024 08:30:07 GMT
server
nginx
vary
Accept-Encoding
d098638d-e72f-4105-9413-bc3a437b6053
https://rightsleeping.com/ Frame
0
0

gtm.js
www.googletagmanager.com/
216 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M3NWB2W
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80b::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7eb9ad84accfb3b351afe5d85ab06d1392c1ad39fb900a97e192d0c4048a14d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 14 Dec 2024 03:45:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 03:45:35 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 14 Dec 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
77987
x-xss-protection
0
server
Google Tag Manager
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
275294
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 23:17:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 23:17:21 GMT
last-modified
Wed, 04 Dec 2024 06:53:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2
fonts.gstatic.com/s/dmserifdisplay/v15/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dmserifdisplay/v15/-nFnOHM81r4j6k0gjAW3mujVU2B2G_Bx0g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDM+Serif+Display%3Aregular%2Citalic&display=auto&ver=3.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
8b0ceabdff07806ce949c228d047d0824bca1bec4c3c3f83ac2cd077a24e55e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
296773
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 17:19:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 17:19:22 GMT
last-modified
Thu, 24 Aug 2023 17:45:35 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24768
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
293832
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 18:08:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 18:08:23 GMT
last-modified
Wed, 04 Dec 2024 06:53:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
269934
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 00:46:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Dec 2024 00:46:41 GMT
last-modified
Wed, 04 Dec 2024 06:54:05 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f3.1e100.net
Software
sffe /
Resource Hash
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rightsleeping.com
Referer
https://fonts.googleapis.com/

Response headers

age
297322
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 17:10:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 17:10:13 GMT
last-modified
Wed, 04 Dec 2024 06:53:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7632
x-xss-protection
0
server
sffe
wp-emoji-release.min.js
rightsleeping.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://rightsleeping.com/wp-includes/js/wp-emoji-release.min.js?ver=6.7.1
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

x-proxy-cache-info
DT:1
cache-control
max-age=31536000
content-encoding
br
etag
W/"660de70a-4926"
expires
Sun, 14 Dec 2025 03:45:36 GMT
date
Sat, 14 Dec 2024 03:45:36 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
application/javascript
last-modified
Wed, 03 Apr 2024 23:32:26 GMT
server
nginx
vary
Accept-Encoding
admin-ajax.php
rightsleeping.com/wp-admin/
5 KB
698 B
XHR
General
Full URL
https://rightsleeping.com/wp-admin/admin-ajax.php
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c92dad92b1f9fb48dd122b116d5825a6732827c3091c0be7f881a35202338d43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://rightsleeping.com/ad/derila-us-ad-4/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-robots-tag
noindex
content-encoding
br
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
date
Sat, 14 Dec 2024 03:45:36 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
x-proxy-cache-info
DT:1
x-frame-options
SAMEORIGIN
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
https://rightsleeping.com
host-header
8441280b0c35cbc1147f8ba998a563a7
x-httpd-modphp
1
server
nginx
js
www.googletagmanager.com/gtag/
300 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BNQM7NW6HE&l=dataLayer&cx=c&gtm=45He4cc1v893062484za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3NWB2W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80b::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a95f6071d1fb4cc26f8a793fb8103d8229961193f6230f2e779d599f5a9dd400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 14 Dec 2024 03:45:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 03:45:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104551
x-xss-protection
0
server
Google Tag Manager
hotjar-3140239.js
static.hotjar.com/c/
13 KB
6 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3140239.js?sv=6
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-82.syd3.r.cloudfront.net
Software
/
Resource Hash
37272f6ee517a309c6b2dc92172b1c1f34612a542862c8ca762eab55bf6e0abc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
br
etag
W/a3ac5ee75b6c14dbe2d53aa97da9fd10
age
19
x-content-type-options
nosniff
x-cache-hit
1
x-cache
Hit from cloudfront
x-amz-cf-id
e9sHquP6VGOIp58r6NxOzQJoFga2I165qCymfKChCdKsInS-EsgEnw==
date
Sat, 14 Dec 2024 03:45:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
via
1.1 435dfd2ccb739fd32ab23d873305cce2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
SYD3-P2
sharethis.js
platform-api.sharethis.com/js/
206 KB
46 KB
Script
General
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3NWB2W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-113.syd62.r.cloudfront.net
Software
/
Resource Hash
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=600, public
content-encoding
gzip
etag
W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
age
452
via
1.1 9f543b41d91998db89601c7fae0f18c2.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
fj33gk6E948dDHeZndPaiKKyhkcjaOxPsl0jNtk8iEwkphryQSq-3A==
edge-control
cache-maxage=60m,downstream-ttl=60m
date
Sat, 14 Dec 2024 03:38:04 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
SYD62-P3
x-frame-options
SAMEORIGIN
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-JGsnqYCJ' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 03:45:36 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-JGsnqYCJ' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4495, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
PqQxSE92B2SK6Ffowe6Ce6FkiYXMdySprr5Lyu4qyYGTQkt3iiIFfM/JIp8oOg6bJxzClwkQufA0V2No4qZPyQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62283
x-xss-protection
0
origin-agent-cluster
?1
cmc.js
cdn.clkmc.com/
21 KB
21 KB
Script
General
Full URL
https://cdn.clkmc.com/cmc.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3NWB2W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:9d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da274ce6310d42174fbf8369e8737ad5a2db661802d7aeb09ee13da863d7843

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

access-control-max-age
300
cf-cache-status
HIT
etag
"66e1cc81-527f"
age
1240220
x-permitted-cross-domain-policies
none
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 29 Dec 2024 19:15:15 GMT
date
Sat, 14 Dec 2024 03:45:36 GMT
content-type
application/javascript
last-modified
Wed, 11 Sep 2024 16:59:45 GMT
vary
Accept-Encoding
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control
public, max-age=2592000, no-transform
pragma
public
access-control-allow-credentials
true
cf-ray
8f1b33b9785fa967-SYD
accept-ranges
bytes
content-length
21119
server
cloudflare
1436609853526364
connect.facebook.net/signals/config/
69 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1436609853526364?v=2.9.179&r=stable&domain=rightsleeping.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
2aaf42f1717df06f860758d6013325f277e7c709168cea840619f4cabf53f113
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-6tSrtazF' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 03:45:36 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-6tSrtazF' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=77, mss=1232, tbw=70479, tp=65, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
YPJblU1bcXxmd5paNRJdiCl80VNvVUjVzbacPCmPLyfJWSRZ9HEa++mAVUBgL19uGdFswjrsHt/ubTde30u0zg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
14185
x-xss-protection
0
origin-agent-cluster
?1
modules.675199526fcb21f102e5.js
script.hotjar.com/
222 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.675199526fcb21f102e5.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3140239.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-93.syd62.r.cloudfront.net
Software
/
Resource Hash
e61c3520c8110a709d981083ddc93cf042c2d2ba25a21903b5df270edb3a05c5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

x-robots-tag
none
content-encoding
br
etag
"787cb060b057c5d555662c23eb0e0d17"
age
308308
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
8DuM31XOmITr6uSxV8QrT85Jo2r0JL3-2mv5oQkQE7Ei4Jo88G0pOg==
date
Tue, 10 Dec 2024 14:07:08 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 10 Dec 2024 14:06:32 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56361
x-amz-cf-pop
SYD62-P2
62ef670c899767001cf551f5.js
buttons-config.sharethis.com/js/
591 B
1 KB
Script
General
Full URL
https://buttons-config.sharethis.com/js/62ef670c899767001cf551f5.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:4a00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdd79fdff282882758d21f0bbaa4d554336150190cc50ad78947b889cee18215
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

etag
"003fac9805946cf8bd2244181e9c96ca"
age
19
x-cache
Hit from cloudfront
x-amz-cf-id
R0ZH7kj8sf1dxb-P-begrO2WUMV3VTVsztkUY3IaDjG3JLOrx4QWYA==
date
Sat, 14 Dec 2024 03:45:18 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Sun, 07 Aug 2022 07:31:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=60
via
1.1 4dc21cb63e62a1d58ba1e9fef2392daa.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
591
x-amz-cf-pop
SYD3-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
sc
l.sharethis.com/
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-4%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-4%2F&source=sharethis.js&...
  • https://l.sharethis.com/sc?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-4%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-4%2F&source=sharethis.js&fcm...
176 B
699 B
XHR
General
Full URL
https://l.sharethis.com/sc?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-4%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-4%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Sleeping%20with%20pain%3F%20This%20innovative%20product%20may%20just%20be%20what%20your%20body%20needs!&cms=unknown&publisher=62ef670c899767001cf551f5&sop=true&version=st_sop.js&lang=en&description=ATTENTION!%20The%20original%20Derila%20pillow%20can%20only%20be%20purchased%20on%20the%20official%20website%20here%3E%3E&ua=&ua_mobile=false&ua_full_version_list=&uuid=40ba4d5a-cffe-4ff4-ae65-846bdaa5f520&samesite=None
Protocol
HTTP/1.1
Server
13.56.46.87 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-46-87.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
71b6d3487b4bc3d48cd48c898697b6e8b228d490cbaaa106e0366581e564d36e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Access-Control-Max-Age
1728000
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
true
Stid
ZGmABGdc/2EAAAAKCwAKAw==
Access-Control-Allow-Origin
https://rightsleeping.com
Content-Length
176
Date
Sat, 14 Dec 2024 03:45:37 GMT
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Headers
*

Redirect headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Access-Control-Max-Age
1728000
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Location
/sc?event=pview&hostname=rightsleeping.com&location=%2Fad%2Fderila-us-ad-4%2F&product=sop&url=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-4%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Sleeping%20with%20pain%3F%20This%20innovative%20product%20may%20just%20be%20what%20your%20body%20needs!&cms=unknown&publisher=62ef670c899767001cf551f5&sop=true&version=st_sop.js&lang=en&description=ATTENTION!%20The%20original%20Derila%20pillow%20can%20only%20be%20purchased%20on%20the%20official%20website%20here%3E%3E&ua=&ua_mobile=false&ua_full_version_list=&uuid=40ba4d5a-cffe-4ff4-ae65-846bdaa5f520&samesite=None
Connection
keep-alive
Access-Control-Allow-Credentials
true
Stid
ZGmABGdc/2EAAAAKCwAKAw==
Access-Control-Allow-Origin
https://rightsleeping.com
Content-Length
752
Date
Sat, 14 Dec 2024 03:45:37 GMT
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
*
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1436609853526364&ev=PageView&dl=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-4%2F&rl=&if=false&ts=1734147936300&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734147936298.363013351943334584&ler=empty&cdl=API_unavailable&it=1734147936245&coo=false&rqm=GET
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4543, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 14 Dec 2024 03:45:36 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
200 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1436609853526364&ev=PageView&dl=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-4%2F&rl=&if=false&ts=1734147936300&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734147936298.363013351943334584&ler=empty&cdl=API_unavailable&it=1734147936245&coo=false&rqm=FGET
Requested by
Host: rightsleeping.com
URL: https://rightsleeping.com/ad/derila-us-ad-4/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7448108673163634563"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 03:45:36 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7448108673163634563", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
glnx7nYXspzw9bvAUd6DrEixgyEdULDocLc6gyAm7DwuKJbafEKmmOkTvu0sudszZ5o8eGr+XIbyIpSBwihOjg==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4911, tp=13, tpl=0, uplat=239, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
content.hotjar.io/
56 B
171 B
XHR
General
Full URL
https://content.hotjar.io/?site_id=3140239&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.675199526fcb21f102e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.128.190.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-190-134.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e42cf91959b52f66d34aab2f834687f2436b0aa1f1835fed694ec0e99ccbe714

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8
Referer
https://rightsleeping.com/

Response headers

access-control-max-age
86400
access-control-allow-origin
*
content-length
56
date
Sat, 14 Dec 2024 03:45:37 GMT
content-type
application/json
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-BNQM7NW6HE&gtm=45je4cc1v893076787z8893062484za200zb893062484&_p=1734147935677&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=699201570.1734147937&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734147936&sct=1&seg=0&dl=https%3A%2F%2Frightsleeping.com%2Fad%2Fderila-us-ad-4%2F&dt=Sleeping%20with%20pain%3F%20This%20innovative%20product%20may%20just%20be%20what%20your%20body%20needs!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3059
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BNQM7NW6HE&l=dataLayer&cx=c&gtm=45He4cc1v893062484za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://rightsleeping.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 03:45:36 GMT
content-type
text/plain
server
Golfe2
logo-1-100x100.png
rightsleeping.com/wp-content/uploads/2022/08/
2 KB
2 KB
Other
General
Full URL
https://rightsleeping.com/wp-content/uploads/2022/08/logo-1-100x100.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.174.103.16 Dallas, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.103.174.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ec4c5fbf75517b8da579b798c4826f83a6f31ddb68d50e4a0bbe528f9bb9ec14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/ad/derila-us-ad-4/

Response headers

cache-control
max-age=31536000
etag
"65ceb8de-621"
expires
Sun, 14 Dec 2025 03:45:36 GMT
accept-ranges
bytes
content-length
1569
date
Sat, 14 Dec 2024 03:45:36 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
content-type
image/png
last-modified
Fri, 16 Feb 2024 01:22:38 GMT
server
nginx
x-proxy-cache-info
DT:1
t.dhj
t.sharethis.com/1/k/
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=B&dmn=rightsleeping.com&rnd=1734147937302
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.52.18 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-40-52-18.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
90c54015f604b0afda8c4dde55bf27f0c580e95bc6449021992247450649fae3
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
Cache-Control
private, max-age=3600
Content-Encoding
gzip
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Sat, 14 Dec 2024 04:45:37 GMT
Content-Length
1385
Date
Sat, 14 Dec 2024 03:45:37 GMT
Content-Type
text/javascript
panorama.js
platform-api.sharethis.com/
39 KB
12 KB
Script
General
Full URL
https://platform-api.sharethis.com/panorama.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-113.syd62.r.cloudfront.net
Software
/
Resource Hash
a782015ceceb595c8305a944456587c4f2c4b3f0ca82aac8e5c6d7b33138f392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=3600
content-encoding
gzip
etag
W/"9a71-1934f7555b0"
age
1877
via
1.1 9f543b41d91998db89601c7fae0f18c2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
x-amz-cf-id
1mZII556RV61TeUkkXHTOxEEYBr9z0IlKdrscNPbmEY21Ee7j4zuqA==
date
Sat, 14 Dec 2024 03:14:21 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Thu, 21 Nov 2024 16:01:50 GMT
vary
Accept-Encoding
x-amz-cf-pop
SYD62-P3
x-frame-options
SAMEORIGIN
map
bcp.crwdcntrl.net/6/
235 B
693 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/panorama.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.141.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-141-68.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ea96c7802191d6d8f53a65b6bda9c3a49295bf13b015e47ec4739c86161f033d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://rightsleeping.com/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://rightsleeping.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
235
date
Sat, 14 Dec 2024 03:45:37 GMT
content-type
application/json;charset=utf-8
x-server
10.42.4.111
server
Jetty(9.4.38.v20210224)
t_.htm
t.sharethis.com/a/ Frame 46B3
0
0
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1620.23405&cid=c010&cls=B
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=B&dmn=rightsleeping.com&rnd=1734147937302
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.52.18 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-40-52-18.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://rightsleeping.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1190
Content-Type
text/html
Date
Sat, 14 Dec 2024 03:45:37 GMT
Expires
Sat, 21 Dec 2024 03:45:37 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
panorama
sync.sharethis.com/
42 B
297 B
Image
General
Full URL
https://sync.sharethis.com/panorama?uid=7faac517a9bd76f6372b3ea6e2e6185ca02c6bbf97ecee2bd5106d466976d6e0&stid=ZGmABGdc%2F2EAAAAKCwAKAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.56.46.87 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-46-87.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rightsleeping.com/

Response headers

Stid
ZGmABGdc/2EAAAAKCwAKAw==
Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Content-Length
42
Date
Sat, 14 Dec 2024 03:45:38 GMT
Content-Type
image/gif
Connection
keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rightsleeping.com
URL
blob:https://rightsleeping.com/d098638d-e72f-4105-9413-bc3a437b6053

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| _wpemojiSettings function| jQuery object| dataLayer object| gpSmoothScroll object| gpscroll function| SmoothScroll object| thirsty_global_vars object| thirstyFunctions object| generatepressMenu object| google_tag_manager object| google_tag_data function| hj object| _hjSettings function| fbq function| _fbq object| clickmagick_cmc object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| st object| __stdos__ boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields boolean| clickmagick_cmc_loaded_previously object| twemoji object| wp function| onYouTubeIframeAPIReady object| gaGlobal object| lotame_sync_16621 function| lotameIsCompatible function| sync16621_aa function| sync16621_c function| sync16621_f object| sync16621_h function| sync16621_ca function| sync16621_j function| sync16621_da object| sync16621_ object| sync16621_ga object| sync16621_v object| sync16621_oa object| sync16621_xa object| sync16621_ya function| sync16621_a function| sync16621_b function| sync16621_g function| sync16621_i function| sync16621_k function| sync16621_l function| sync16621_m function| sync16621_n function| sync16621_o function| sync16621_p function| sync16621_q function| sync16621_r function| sync16621_fa function| sync16621_ea function| sync16621_s function| sync16621_t function| sync16621_u function| sync16621_w function| sync16621_ha function| sync16621_ia function| sync16621_y function| sync16621_ja function| sync16621_z function| sync16621_A function| sync16621_x function| sync16621_B function| sync16621_ka function| sync16621_C function| sync16621_D function| sync16621_E function| sync16621_F function| sync16621_G function| sync16621_H function| sync16621_I function| sync16621_J function| sync16621_K function| sync16621_L function| sync16621_la function| sync16621_ma function| sync16621_na function| sync16621_M function| sync16621_N function| sync16621_pa function| sync16621_O function| sync16621_qa function| sync16621_ra function| sync16621_sa function| sync16621_P function| sync16621_ta function| sync16621_ua function| sync16621_va function| sync16621_wa function| sync16621_Q function| sync16621_R function| sync16621_za function| sync16621_S function| sync16621_T function| sync16621_U function| sync16621_V function| sync16621_Aa function| sync16621_W function| sync16621_X function| sync16621_Y function| sync16621_Z function| sync16621__ function| sync16621_0 function| sync16621_Ea function| sync16621_Ba function| sync16621_1 function| sync16621_Da function| sync16621_Ca function| sync16621_2 function| sync16621_3 function| sync16621_4 function| sync16621_5 function| sync16621_Ga function| sync16621_Ha function| sync16621_Ja function| sync16621_Fa function| sync16621_7 function| sync16621_Ia function| sync16621_La function| sync16621_Ka function| sync16621_8 function| sync16621_6 function| sync16621_9 function| sync16621_Ma function| sync16621_Na function| sync16621_Oa function| sync16621_Pa function| sync16621_$ function| sync16621_Qa function| sync16621_Ra function| sync16621_Sa function| sync16621_Ta

26 Cookies

Domain/Path Name / Value
.rightsleeping.com/ Name: _fbp
Value: fb.1.1734147936298.363013351943334584
.rightsleeping.com/ Name: _hjSessionUser_3140239
Value: eyJpZCI6IjUwYjQxYTRiLWRjYWUtNTFjMy1iZWEwLTVhZGJhMDYwZjBjOCIsImNyZWF0ZWQiOjE3MzQxNDc5MzY0MjEsImV4aXN0aW5nIjp0cnVlfQ==
.rightsleeping.com/ Name: _hjSession_3140239
Value: eyJpZCI6IjZiYjBjMTAxLWUzMmItNDhlYy05N2RiLTZmMDliY2NlMzc2ZSIsImMiOjE3MzQxNDc5MzY0MjIsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.rightsleeping.com/ Name: _ga_BNQM7NW6HE
Value: GS1.1.1734147936.1.0.1734147936.0.0.0
.rightsleeping.com/ Name: _ga
Value: GA1.1.699201570.1734147937
.sharethis.com/ Name: __stid
Value: ZGmABGdc/2EAAAAKCwAKAw==
.sharethis.com/ Name: __stidv
Value: 2
.rightsleeping.com/ Name: fpestid
Value: 8xUiAzhDBsY0dDgK72X5FV70xJw3AChkJsgY56yMmNJndR7hjU9R0twwA9UrzQCOej7Dnw
.t.sharethis.com/ Name: pxcelPage_default_c010_B
Value: 0_6_1734147937573
.adsrvr.org/ Name: TDID
Value: 265582d0-820e-4a59-82ff-21d03e085f72
.eyeota.net/ Name: mako_uid
Value: 193c3459594-48010000010d5426
.eyeota.net/ Name: SERVERID
Value: 21542~DM
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiMqICPkP_NPRAFOAE.
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: e632872971180201516542c560c70938
.rightsleeping.com/ Name: _cc_id
Value: e632872971180201516542c560c70938
.rightsleeping.com/ Name: panoramaId_expiry
Value: 1734752737673
.rightsleeping.com/ Name: panoramaId
Value: 7faac517a9bd76f6372b3ea6e2e6185ca02c6bbf97ecee2bd5106d466976d6e0
.rightsleeping.com/ Name: panoramaIdType
Value: panoDevice
.yahoo.com/ Name: A3
Value: d=AQABBGH_XGcCEG1TJBA6VTp80jzdVfhgvv8FEgEBAQFQXmdmZw0CxyMA_eMAAA&S=AQAAApMw4PaMTINzzr0LJA7ZllA
.ml314.com/ Name: pi
Value: 3649106632997601312
.analytics.yahoo.com/ Name: IDSYNC
Value: 19b8~2mdf
.rlcdn.com/ Name: rlas3
Value: hZka5cbGuSnKcJbLQ9a+3GFqi2cPQtf4fisrXiJLV9g=
.exelator.com/ Name: EE
Value: "2b6bd20e7fa0229e1fa118d167a45613"
.rlcdn.com/ Name: pxrc
Value: COL+87oGEgUI6AcQABIFCNtOEAA=
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcEoySwpxcgg1Twt0cDIyDLVMC3R0NAixdDMPNHE1MzQeHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDYcEl%252BUWb6IsfQxUUpaQyLSopPBZ98uBgAk%252F4qqw%253D%253D"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcp.crwdcntrl.net
buttons-config.sharethis.com
cdn.clkmc.com
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
l.sharethis.com
platform-api.sharethis.com
rightsleeping.com
script.hotjar.com
static.hotjar.com
sync.sharethis.com
t.sharethis.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
rightsleeping.com
108.128.190.134
108.158.20.113
108.158.32.82
13.228.141.68
13.56.46.87
157.240.8.23
157.240.8.35
172.217.167.67
18.67.110.93
23.40.52.18
2404:6800:4006:80b::2008
2404:6800:4006:80f::200a
2404:6800:4006:811::200e
2600:9000:277c:4a00:c:abe:f440:93a1
2606:4700:10::6816:9d7
34.174.103.16
120206675748e9d5d49750a146ecbe5954cf11fa5f09e2ccffe520dab330d759
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
17ea19bb52caa07f6588951442f789aa9aeb2b0f089ac3611c9bda36983e5f9c
17f5cb0091d3b54e3e9aee77fc8c7eb582da9fdc7a931c40ebe2720f40872ef0
1d2601471b719ecfc4be8272cbda074e5ff15c43f8f98c5a1eef506d42800b24
223b2a4c85a7e508c8c95f846e9d7a1eb7d3833d561f5b4e0d998c674d3efb39
22c3e32be01d8accada02d536093064df81aa7f0a922dde057e3e5fb8ea240ff
23c023792005dbbf706b9c93b04e0ac92f8801e551c49c2b892ab0d99b864648
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
2aaf42f1717df06f860758d6013325f277e7c709168cea840619f4cabf53f113
3170050ba182339c71a5efb9c1d7fc59a2f49251f211031bf7a17502bc4a346d
37272f6ee517a309c6b2dc92172b1c1f34612a542862c8ca762eab55bf6e0abc
381dec9786c31e06ff85ae00a7aa3af357278785ba1318bf4bbfb6a8d7bc3ffb
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974
5da274ce6310d42174fbf8369e8737ad5a2db661802d7aeb09ee13da863d7843
71b6d3487b4bc3d48cd48c898697b6e8b228d490cbaaa106e0366581e564d36e
74b4f31ecd217da76fdfa10505d202491536753483ff8bd5b9b0137fe75761f3
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7eb9ad84accfb3b351afe5d85ab06d1392c1ad39fb900a97e192d0c4048a14d9
8b0ceabdff07806ce949c228d047d0824bca1bec4c3c3f83ac2cd077a24e55e5
90c54015f604b0afda8c4dde55bf27f0c580e95bc6449021992247450649fae3
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
9baa573e4378873b7ac81ccb1d954ce9bb2b1a933947ad3012263ddc604d8505
9bec6d410810065a33b1bdc33845882b477f9b1441452fe56e840b846f462641
a1dd01b6639d2bca0a255f1eb5dd2dea626549ad573755c2c3a7952afa813524
a782015ceceb595c8305a944456587c4f2c4b3f0ca82aac8e5c6d7b33138f392
a95f6071d1fb4cc26f8a793fb8103d8229961193f6230f2e779d599f5a9dd400
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
babfb4526a362fd0dd824dfad485addd3b753aced799ddabf6478b78e4e04f25
bdd79fdff282882758d21f0bbaa4d554336150190cc50ad78947b889cee18215
c551a778d461b83f9bb318403bd5b33382e043d952d01bb2ea11e0d449845c31
c839222ec3a5037179749a843610820436bf575a591a3e0b45404f1970a2cc56
c92dad92b1f9fb48dd122b116d5825a6732827c3091c0be7f881a35202338d43
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce43697d26defc72fa5aa7e3d7f1296cd19ba9a67cad0e2557aacc7702454f4d
dbd2d951b8e5194fc17448c50091a3101650ae49529d8ec220171dbbdf25c54f
de12babcd45b46ad40f4073c83eba31f31efd8eae4b7299631ffb1dc49f780d6
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42cf91959b52f66d34aab2f834687f2436b0aa1f1835fed694ec0e99ccbe714
e61c3520c8110a709d981083ddc93cf042c2d2ba25a21903b5df270edb3a05c5
ea96c7802191d6d8f53a65b6bda9c3a49295bf13b015e47ec4739c86161f033d
ec4c5fbf75517b8da579b798c4826f83a6f31ddb68d50e4a0bbe528f9bb9ec14
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22691711c373a3444980cc32ab028fa86dad687c1b386e14847a47ce8b88e73
f67e99114807ecac9bba6fbb9f81eea467c50c9f03b59974fe696bdfab6ba227