sleepingbag.originaldefense.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://travel.exceltravelbiz.com/ga/click/2-128861236-426-4786-9343-10279-a8463aaa38-h056c9e3fa
Effective URL:
https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e0...
Submission: On May 03 via manual (May 3rd 2022, 5:20:17 pm UTC) from US — Scanned from DE

Summary HTTP 109 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 29 IPs in 2 countries across 26 domains to perform 109 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is sleepingbag.originaldefense.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 8th 2021. Valid for: a year.

This is the only time sleepingbag.originaldefense.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	194.163.164.144 194.163.164.144	51167 (CONTABO) (CONTABO)
1 1	23.229.68.39 23.229.68.39	55286 (SERVER-MANIA) (SERVER-MANIA)
1 1	52.0.28.73 52.0.28.73	14618 (AMAZON-AES) (AMAZON-AES)
1 3	35.244.245.136 35.244.245.136	15169 (GOOGLE) (GOOGLE)
22	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	151.139.242.29 151.139.242.29	33438 (STACKPATH) (STACKPATH)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	52.219.112.10 52.219.112.10	16509 (AMAZON-02) (AMAZON-02)
1 2	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3032::ac43:dff2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.157.4.105 108.157.4.105	16509 (AMAZON-02) (AMAZON-02)
5	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
10	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
18	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
8	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
3	2600:9000:231... 2600:9000:2315:9c00:15:c281:3500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6814:3777	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.229.186.102 3.229.186.102	14618 (AMAZON-AES) (AMAZON-AES)
1	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.211.250.57 3.211.250.57	14618 (AMAZON-AES) (AMAZON-AES)
4	18.207.50.145 18.207.50.145	14618 (AMAZON-AES) (AMAZON-AES)
109	29

1 194.163.164.144 (Düsseldorf, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: 8ztsr0gdno.exceltravelbiz.com

travel.exceltravelbiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.229.68.39 (Buffalo, United States) 1 redirects

ASN55286 (SERVER-MANIA, CA)
PTR: 5lxjbakfcy.mdxsales.com

sale.finddchomesforsale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.28.73 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-28-73.compute-1.amazonaws.com

mumkt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.245.136 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 136.245.244.35.bc.googleusercontent.com

www.l4n2fytrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

sleepingbag.originaldefense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (United States)

ASN33438 (STACKPATH, US)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.112.10 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1-w.amazonaws.com

launchify-products-videos.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::ac43:dff2 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-105.dus51.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-forms.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2315:9c00:15:c281:3500:93a1 (United States)

ASN16509 (AMAZON-02, US)

ik.imagekit.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:3777 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pushcrew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.229.186.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-186-102.compute-1.amazonaws.com

live-visitor-counts.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.proofapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.211.250.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-250-57.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.207.50.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-50-145.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	originaldefense.com sleepingbag.originaldefense.com	471 KB
18	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	2 KB
10	facebook.net connect.facebook.net — Cisco Umbrella Rank: 195	807 KB
9	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 3961 static-tracking.klaviyo.com — Cisco Umbrella Rank: 4657 fast.a.klaviyo.com — Cisco Umbrella Rank: 5173 static-forms.klaviyo.com — Cisco Umbrella Rank: 5090	86 KB
8	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5764	81 KB
8	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 3259 psp.pushnami.com — Cisco Umbrella Rank: 18733 trc.pushnami.com — Cisco Umbrella Rank: 3314	20 KB
4	useproof.com cdn.useproof.com — Cisco Umbrella Rank: 68789 api.useproof.com — Cisco Umbrella Rank: 67771	602 KB
3	pushcrew.com cdn.pushcrew.com — Cisco Umbrella Rank: 27876	74 KB
3	imagekit.io ik.imagekit.io — Cisco Umbrella Rank: 23460	2 MB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	429 B
3	l4n2fytrk.com 1 redirects www.l4n2fytrk.com — Cisco Umbrella Rank: 912841	18 KB
2	herokuapp.com live-visitor-counts.herokuapp.com — Cisco Umbrella Rank: 202699	200 B
2	gstatic.com fonts.gstatic.com www.gstatic.com	158 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3632	656 B
2	google.com www.google.com — Cisco Umbrella Rank: 20	656 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 65	3 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com — Cisco Umbrella Rank: 8536	50 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	139 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	2 KB
1	proofapi.com analytics.proofapi.com — Cisco Umbrella Rank: 82326	794 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	amazonaws.com launchify-products-videos.s3.amazonaws.com
1	dmca.com images.dmca.com — Cisco Umbrella Rank: 10550	6 KB
1	mumkt.com 1 redirects mumkt.com	839 B
1	finddchomesforsale.com 1 redirects sale.finddchomesforsale.com	305 B
1	exceltravelbiz.com 1 redirects travel.exceltravelbiz.com	675 B
109	26

	Domain	Requested by
22	sleepingbag.originaldefense.com	sleepingbag.originaldefense.com
18	www.facebook.com	sleepingbag.originaldefense.com
10	connect.facebook.net	sleepingbag.originaldefense.com connect.facebook.net
8	dev.visualwebsiteoptimizer.com	sleepingbag.originaldefense.com dev.visualwebsiteoptimizer.com
5	static.klaviyo.com	www.googletagmanager.com static.klaviyo.com
4	trc.pushnami.com	api.pushnami.com
3	cdn.pushcrew.com	dev.visualwebsiteoptimizer.com cdn.pushcrew.com
3	ik.imagekit.io	sleepingbag.originaldefense.com
3	www.google-analytics.com	www.googletagmanager.com
3	cdn.useproof.com	www.googletagmanager.com cdn.useproof.com
3	www.l4n2fytrk.com	1 redirects www.googletagmanager.com www.l4n2fytrk.com
2	psp.pushnami.com	api.pushnami.com
2	live-visitor-counts.herokuapp.com	cdn.useproof.com
2	static-tracking.klaviyo.com	static.klaviyo.com
2	www.google.de	sleepingbag.originaldefense.com
2	www.google.com	sleepingbag.originaldefense.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	api.pushnami.com	www.googletagmanager.com api.pushnami.com
2	cdn.mouseflow.com	1 redirects sleepingbag.originaldefense.com
2	www.googletagmanager.com	sleepingbag.originaldefense.com www.googletagmanager.com
2	fonts.googleapis.com	sleepingbag.originaldefense.com client
1	analytics.proofapi.com	cdn.useproof.com
1	api.useproof.com	cdn.useproof.com
1	www.gstatic.com	cdn.useproof.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static-forms.klaviyo.com	static.klaviyo.com
1	fast.a.klaviyo.com	static.klaviyo.com
1	www.googleadservices.com	www.googletagmanager.com
1	launchify-products-videos.s3.amazonaws.com	sleepingbag.originaldefense.com
1	images.dmca.com	sleepingbag.originaldefense.com
1	mumkt.com	1 redirects
1	sale.finddchomesforsale.com	1 redirects
1	travel.exceltravelbiz.com	1 redirects
109	33

This site contains links to these domains. Also see Links.

Domain
www.dmca.com

Subject Issuer	Validity	Valid
sleepingbag.originaldefense.com Cloudflare Inc ECC CA-3	`2021-12-08` - `2022-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
images.dmca.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-03-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.pushnami.com Amazon	`2022-04-03` - `2023-05-02`	a year	crt.sh
static.klaviyo.com R3	`2022-03-24` - `2022-06-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-10` - `2022-05-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
static-tracking.klaviyo.com R3	`2022-04-01` - `2022-06-30`	3 months	crt.sh
fast.a.klaviyo.com R3	`2022-03-24` - `2022-06-22`	3 months	crt.sh
static-forms.klaviyo.com R3	`2022-05-01` - `2022-07-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
l4n2fytrk.com Starfield Secure Certificate Authority - G2	`2021-08-17` - `2022-08-17`	a year	crt.sh
*.imagekit.io Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.pushcrew.com Go Daddy Secure Certificate Authority - G2	`2021-07-23` - `2022-08-24`	a year	crt.sh
*.herokuapp.com Amazon	`2022-05-02` - `2023-05-31`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Frame ID: 56079B8DF416331425BAA33AE73B9096
Requests: 105 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: CD6B69BE516C5D28DCF44AC04FFE6300
Requests: 6 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 13B0C78CAAE7061EECAD8186DA198720
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Snowmageddon Traps Hundreds For 20+ Hours. How One Family Stayed Warm & Alive!

Page URL History Show full URLs

https://travel.exceltravelbiz.com/ga/click/2-128861236-426-4786-9343-10279-a8463aaa38-h056c9e3fa HTTP 302
http://sale.finddchomesforsale.com/Kitjgbnjijhithjgnjbhugjtijopkmbjgnguhuhgit/bcdsexsccrxaesxqbdhjbtdfrxsexrsctys HTTP 302
https://mumkt.com/?a=10362&c=134558&s1=XMkfgdeihgrt HTTP 302
https://www.l4n2fytrk.com/24TCHNC/D87J2S/?uid=478&sub1=10362&sub2=XMkfgdeihgrt&sub3=&sub4=&sub5=478785145 HTTP 302
https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512b... Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

VWO Engage (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.pushcrew\.\w+

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

109
Requests

99 %
HTTPS

48 %
IPv6

26
Domains

33
Subdomains

29
IPs

2
Countries

4429 kB
Transfer

8484 kB
Size

22
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dmca.com/Protection/Status.aspx?ID=415d54d9-8752-453c-9318-7a6c1c5bd6ba&refurl=https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215&affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://travel.exceltravelbiz.com/ga/click/2-128861236-426-4786-9343-10279-a8463aaa38-h056c9e3fa HTTP 302
http://sale.finddchomesforsale.com/Kitjgbnjijhithjgnjbhugjtijopkmbjgnguhuhgit/bcdsexsccrxaesxqbdhjbtdfrxsexrsctys HTTP 302
https://mumkt.com/?a=10362&c=134558&s1=XMkfgdeihgrt HTTP 302
https://www.l4n2fytrk.com/24TCHNC/D87J2S/?uid=478&sub1=10362&sub2=XMkfgdeihgrt&sub3=&sub4=&sub5=478785145 HTTP 302
https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://cdn.mouseflow.com/projects/11b26bf7-3826-432c-bf45-842c2d21441b.js HTTP 301
https://cdn.mouseflow.com/projects/11b26bf7-3826-432c-bf45-842c2d21441b_eu.js

109 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request c Show response
sleepingbag.originaldefense.com/blog/
Redirect Chain

https://travel.exceltravelbiz.com/ga/click/2-128861236-426-4786-9343-10279-a8463aaa38-h056c9e3fa
http://sale.finddchomesforsale.com/Kitjgbnjijhithjgnjbhugjtijopkmbjgnguhuhgit/bcdsexsccrxaesxqbdhjbtdfrxsexrsctys
https://mumkt.com/?a=10362&c=134558&s1=XMkfgdeihgrt
https://www.l4n2fytrk.com/24TCHNC/D87J2S/?uid=478&sub1=10362&sub2=XMkfgdeihgrt&sub3=&sub4=&sub5=478785145
https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

15 KB
6 KB

530ms
452ms

Document
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f6ca4d3aeef97e31517c58bb50345e18d2c58fe9c8c7d3068a0a02ec5bc5db1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public,max-age=10,s-maxage=86400
cf-cache-status: DYNAMIC
cf-ray: 705aaa6e98380ffe-MRS
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 03 May 2022 17:20:10 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Fri, 29 Apr 2022 22:51:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E26fQR4kX3tz8fwUqR1TWAWWz5P6zji6LRVPjpHGGd%2BN9qaLhzyD%2FYSUwKyKwfPnJ33%2Bv0CjFCdd9I8BERh6mkY5KzV%2BoU8A7hcbYnN6GFjR58m2ey%2B8SV1GwEQIaT1nltnNTCZsfUa8f6ELgl16arfc%2F05KKHo0dkOE%2BzqU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: tx000000000000000f7cd5a-006271644a-319b2aa6-nyc3c
x-rgw-object-type: Normal

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191
content-type: text/html; charset=utf-8
date: Tue, 03 May 2022 17:20:09 GMT
location: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
server: nginx
vary: Origin
via: 1.1 google
x-eflow-request-id: 9c2b9bf6-9277-4541-a586-5fd3bf59d0fa

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;700&display=swap

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

118e6bdf6f27f036c403b4a24d9c7c698fc1400fc1f53e96110f954c3b21c973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 May 2022 17:03:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 03 May 2022 17:20:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 May 2022 17:20:10 GMT

GET
H2 200 jquery.modal.min.css
sleepingbag.originaldefense.com/common/libs/jquery-modal/ 3 KB
2 KB 346ms
345ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sleepingbag.originaldefense.com/common/libs/jquery-modal/jquery.modal.min.css
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7b572-006271644a-319b1ee3-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Apr 2022 22:51:22 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: W/"54e7ff4998b2900efc138ead15e54a93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4B%2BgeWygrMiPaN0S%2Bfk6Wk46SOh5m%2FcU7nb6l6xErOoicAeAZU%2BHM4oPOK3jn1nXrFqDh3FEbpG2Ke%2FZxNyB6cCQbfYrzcK2PTXyCF8cu7W5JR9PFlIurUzYEDfFNWoUirzH8gmecw%2FtuprOzTze7lWVNOPDuSpc6wIGkfzl"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
x-rgw-object-type: Normal
cf-ray: 705aaa719da70ffe-MRS

GET
H2 200 normalize.css
sleepingbag.originaldefense.com/common/css/ 6 KB
2 KB 243ms
243ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sleepingbag.originaldefense.com/common/css/normalize.css
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03fc2304d03a4c61f96b5ce6ecca112bbd65dda43345fff70c70a9c41d9a8d6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7cd5e-006271644a-319b2aa6-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Apr 2022 22:51:21 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: W/"b6e7713ed414fc445dca2961d8a77be8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPnVkMmDvAtcjxM63NZQ6wW8JtiK%2FPESpmqA76%2F5J3jPi4AUOIpzBMQg0Ur2BWqlg%2BacePIVTpExlpJ2kRsBt2iMKn%2FdUltAaUXjmkHr6IzyJC%2Ffb4rab99tOvyRBc26ECukE5VfWnly6%2Bl9u5QIzOYeUWDth0j3dcztJMXK"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
x-rgw-object-type: Normal
cf-ray: 705aaa719da80ffe-MRS

GET
H2 200 common.css
sleepingbag.originaldefense.com/common/css/ 1 KB
880 B 335ms
334ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sleepingbag.originaldefense.com/common/css/common.css
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b6d13dbd24cd4242242e1237c1a3f76e1c3bd57109daae3704b13c0fe3da584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7cd62-006271644a-319b2aa6-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Apr 2022 22:51:21 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: W/"535f53a7d9adb33aeece240db9016763"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWD4SEc%2B2%2BffGPJ8nZ8GWLyfvl1rxzO2FZ9QSz7F1QUxxoUFszNU9hUUrgfrCCSP6zKU23fKpN69kuGtmXhCV4PvGgBcdH9EYIIEl8bJhgQkqecwS%2FcjcNh2Gs7TBaS6bEW42%2FzDwnAKmE1EypAqM1QDLB0jC3%2FW%2FLgwOYEQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
x-rgw-object-type: Normal
cf-ray: 705aaa719dab0ffe-MRS

GET
H2 200 old-presell-styles.css
sleepingbag.originaldefense.com/blog/c/css/ 178 KB
23 KB 620ms
619ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sleepingbag.originaldefense.com/blog/c/css/old-presell-styles.css
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 019e0b79dbd492c5981eea78d76e7546b07e8d53c91321f66591b175a41e9149

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:11 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7b574-006271644a-319b1ee3-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Apr 2022 22:51:20 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: W/"5e4e176b182868c61d30ac6ec19cdb06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0udUxskKfVxAWXJ1%2F5SYs9A29Kv%2BzIsCMgUN00omdeoMN9mk1XJbGL%2B9Ch8rCSJZ7b9zLGzi1EGao%2FdCLdsBxMUvmIhAhUklZheZAYpkKvSnpddXSKOzPnW%2FiVUtjxxhG3zX774Lm%2FJSRMvo5JXVpn0PWPKYeJhDdU118EfW"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
x-rgw-object-type: Normal
cf-ray: 705aaa719dac0ffe-MRS

GET
H2 200 styles.css
sleepingbag.originaldefense.com/blog/c/css/ 54 KB
13 KB 494ms
494ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sleepingbag.originaldefense.com/blog/c/css/styles.css
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd0d94e92d5af6ded38287baf77d44b50d7a5db03e44610f501a868b18dd51ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7cd60-006271644a-319b2aa6-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Apr 2022 22:51:20 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: W/"00cc42cb6a2079c9ece01aacd3a6c153"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXoOJ11PdEm844m8RaKhmtYoW8yDcdW5bAxt5gH3ZlSDfW3HQB7s29QKUZaF7R8K8HwJRe%2FOwMszGlKCanP6U4sBx5r72rHzLizjf7e9K0W%2B9oH11gOAYZlRGplGgte3MIR9Y1IKWtnyAjGflqJQO8NES8NlGpvhMB85XiRe"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
x-rgw-object-type: Normal
cf-ray: 705aaa719dad0ffe-MRS

GET
H2 200 custom.css
sleepingbag.originaldefense.com/blog/c/css/ 787 B
795 B 53ms
53ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sleepingbag.originaldefense.com/blog/c/css/custom.css
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cd774eb0302fa7eca2939daf88bd9a9b96981c6112bc2118591dae1cd913bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: tx000000000000000f0d277-006270ec47-319b1ee3-nyc3c
last-modified: Fri, 29 Apr 2022 22:51:20 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: W/"bcbe8f4912b048bf91f44a5962d522f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FdK3%2Fypl4kkZAK%2FwVexEP%2BhzrBFWLBny2t2w4FiZrc6IqlKKfchRhONoXBRlHAYUBK04Zq5HEDFT%2F%2BIMnf%2B%2FI%2FEyTIpkBNMOFl6vXtg0oLcQulQqSpaxACwPRby3tdsImBZD0xn119jbb57od%2Ftj8V88xirfMe7t3TjcgPw"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
x-rgw-object-type: Normal
cf-ray: 705aaa719dae0ffe-MRS

GET
H2 200 logo.png
sleepingbag.originaldefense.com/blog/c/img/ 14 KB
15 KB 56ms
53ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sleepingbag.originaldefense.com/blog/c/img/logo.png
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37f749e231fa824c2d8036a4d1eb927d409a16295ff3aea9f503435ae6e24903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 147
cf-ray: 705aaa71bde40ffe-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14661
last-modified: Fri, 29 Apr 2022 22:51:21 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: "b30ee78089971e2a03c8df737a7ae1d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPEf4kjAkPZZR8dYXGciNkQPCkLEgrRztMu3ZM%2F1hkTu%2F06BcHlSAP7yr4%2B7WyTo11dkgzbnlZuF%2F3MSKtZ3RRsHiu2MBcb%2BND%2Fs8sjP7jQlj1R1NkZ%2B8x1pvPmC5DB4kK3KfaNu8jK0bp9mS9Ae9jPkoG2u6QaFzEIgmKZ6"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7ab79-00627163b7-319b1ee3-nyc3c
x-rgw-object-type: Normal
accept-ranges: bytes
content-type: image/png

GET
H2 200 author.png
sleepingbag.originaldefense.com/blog/c/img/ 4 KB
4 KB 401ms
399ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sleepingbag.originaldefense.com/blog/c/img/author.png
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fc8986f1086961a0b730538f1717f4e5d77e57b7fed8cc31fa479ac2f919bca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7cd69-006271644a-319b2aa6-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3898
last-modified: Fri, 29 Apr 2022 22:51:20 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: "2268872dec243535ee4af651136dc414"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCLPnd%2FwhYriJD%2BglKJb3j9cm3jzGl9rh%2FY3r9V9GE228Swe0i0sIlUtkJq%2BV%2Fu04z47d0QIQ%2BA%2Balh6ZxpqF5o0N68xdWM8Kq8zFvy2ogBQ60H4cEjLC7d9fzxT48BNPsLeL0V8eoeWt0K1CBGFSETdePvh5Rd3YPT2RhUx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 705aaa71bde50ffe-MRS

GET
H2 200 1.webp
sleepingbag.originaldefense.com/blog/c/img/ 65 KB
66 KB 515ms
513ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sleepingbag.originaldefense.com/blog/c/img/1.webp
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd8ad3df84b1ac7593cbee6a221a51e70181d37e7c896ffc3b3a9ce188d21b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7b576-006271644a-319b1ee3-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67056
last-modified: Fri, 29 Apr 2022 22:51:20 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: "2df66a0ac939d81e98514c439f446405"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orkKaxuY0V9qV1gndFVXbCglEvvJqixcZ%2FwJU1UWJxs3KrGU1hHsjEtMV74hysGPgY103q2NVyIblmAG7qDDlPuJj5bQWXiIW73fGvlIplC0QBI5goHWSL2iHTCfCmgTthO9BalWrIakgRK%2BV82VCusISqYMZfAPqF1ay40J"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 705aaa71bde70ffe-MRS

GET
H2 200 poster.webp
sleepingbag.originaldefense.com/blog/c/img/ 25 KB
25 KB 470ms
468ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sleepingbag.originaldefense.com/blog/c/img/poster.webp
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16bba5b1acc991672a15d2ca47fb64496be23c206a9291b44f6e04747b81694c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7cd64-006271644a-319b2aa6-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25166
last-modified: Fri, 29 Apr 2022 22:51:21 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: "a98521708450b69cdfb39509be57ba55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPazbMGwvoqV5vHQ1Bl65OCZ6qGB91gsQi2ZCN3eYb0eEXMoIEOqwaZgmQSJV5bHQGaiD0p6wmaIrn2eqtP6MR1gLwPFp4obriVUjuYQ1C75BUs4OIEreH44mu1AG086%2FxZN3a1cxw1wKBpY3OrMVChnBPJet%2FiAgg5vsd60"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 705aaa71bdea0ffe-MRS

GET
H2 200 2.webp
sleepingbag.originaldefense.com/blog/c/img/ 29 KB
29 KB 446ms
444ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sleepingbag.originaldefense.com/blog/c/img/2.webp
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d124b2677c3926aade843a50196c61e8e6bd095b364c893b756ffe3aaeb71bc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7cd67-006271644a-319b2aa6-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29532
last-modified: Fri, 29 Apr 2022 22:51:20 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: "46f7040ef61625fd1edc80d86bbea16c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRqE3JsZGtUhLeRljvK3qWOH%2BCa4U1DLSiiIpCgJE1ky3INTtQv9oECUyPazU%2FKCCGKgXaFS%2FX0JYgrrGi4Z4mK0VooIKBRYs3HfqeZkAfLjeoUDRTKoSXPHAVeXZh42XgS5TsEvQjV62k8LlKz2zTbmOvKCPqw7ma3jHLjg"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 705aaa71bded0ffe-MRS

GET
H2 200 3.webp
sleepingbag.originaldefense.com/blog/c/img/ 30 KB
31 KB 448ms
446ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sleepingbag.originaldefense.com/blog/c/img/3.webp
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ea6bde0f0b455e1f0aadd60767ebc8bc3f0f6f7a766599a27f7115cafd83b52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7b578-006271644a-319b1ee3-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30992
last-modified: Fri, 29 Apr 2022 22:51:20 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: "e77202d83b1da7c46710dcaaa7095519"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wo1CHjyyNMBk0IqRBIwor9yn4Nir7kFy%2FIO8bJlv2EzLiIfLcxV8MVppsdLTBVmFdECkZKxf73%2B8wCe3g7sH%2BMKASbx10dZxMnzrxoQkVA1bNO9X3%2FL9nalKaskLMEiNH00cNZkF4OI44Aw%2ByWn94Hts78vI8MZ4z%2BYXbBdd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 705aaa71bdef0ffe-MRS

GET
H2 200 4.webp
sleepingbag.originaldefense.com/blog/c/img/ 55 KB
56 KB 534ms
532ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sleepingbag.originaldefense.com/blog/c/img/4.webp
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bb14fa8268d01d25d3ecb1847f1dc8662e1f2251fa8b55725fff648c6f6df6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:11 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7b577-006271644a-319b1ee3-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56594
last-modified: Fri, 29 Apr 2022 22:51:20 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: "e83b8dbd08d1008e7e991b3df91b7afa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FDh4VgGHUNMVva3AviFEEcK%2Fi21g1skHCjOXEir4gsD4P93zvl2qD1p4fQZxRFAhNrtfWJK6PEHakKLWtYbLqSskqR2wBGZzvsDlDF%2BT%2FD5N7uxM2y%2BVmrEafKr%2BgyyVLoLMlx988Lx%2FfPaUfBiarUXkyNHhoidZhqQjNQ6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 705aaa71bdf00ffe-MRS

GET
H2 200 5.webp
sleepingbag.originaldefense.com/blog/c/img/ 57 KB
57 KB 554ms
552ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sleepingbag.originaldefense.com/blog/c/img/5.webp
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6118fb7d4bea7c51b307e21e4dd29678426dc9ee05f09de43cf4e486905138b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:11 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7b579-006271644a-319b1ee3-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57926
last-modified: Fri, 29 Apr 2022 22:51:20 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: "4939d4d3061284fe0448ff9512e7495d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o704P03mcJhW6BqqWfdATh0jUuM364zOwEEVN%2BSkmf1JcdohT5%2FMXo6v9Hxg2%2B7W%2BafFPSamXG%2Fr6foQQZftIGDM7KAfFST7U%2BxWfMHPFC47G1%2F5DipYs4F5DjFslYkEDdgOxfhMOMYCLEo7e2CHQg3wnm9gxGxurf3aQTod"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 705aaa71bdf30ffe-MRS

GET
H2 200 6.webp
sleepingbag.originaldefense.com/blog/c/img/ 85 KB
86 KB 524ms
523ms Image
image/webp 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sleepingbag.originaldefense.com/blog/c/img/6.webp
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc741b546a3c05c9cfe8a74fcc40116839709eb8d701c5e031b1507a39bf4822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7cd68-006271644a-319b2aa6-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 87342
last-modified: Fri, 29 Apr 2022 22:51:20 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: "d041e618bf69afc693cb2dec0544ceb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LT8HsgUXIyEzHsDJqyB%2Btj4fXqQOeQuxLEnM4yJG4WjyR%2FWaqJWqF%2BHHJNX6Wd9OFfh9AsQgXpgqlmhd8pWQ%2B5VsCQXttTRr647JuEn5m2qV95oDvB8KiwfiZe6pTJ5llb1qg4qbMqF539%2BtoZySdo4s7I%2BogmgcFcC6i3E5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 705aaa71bdf40ffe-MRS

GET
H2 200 _dmca_premi_badge_5.png
images.dmca.com/Badges/ 5 KB
6 KB 110ms
8ms Image
image/png 151.139.242.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=415d54d9-8752-453c-9318-7a6c1c5bd6ba
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: nginx
x-powered-by: ASP.NET
etag: "8ae3cdbd420cc1:0"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length: 5605
expires: Thu, 02 Jun 2022 17:19:56 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
sleepingbag.originaldefense.com/common/libs/jquery/ 87 KB
32 KB 520ms
518ms Script
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sleepingbag.originaldefense.com/common/libs/jquery/jquery-3.5.1.min.js
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7cd61-006271644a-319b2aa6-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Apr 2022 22:51:22 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhEY3SjEO8JbzF6HZ3hE77VhQ%2Bmjj49JUtvBUIN3RRy%2FG33gr6DoWUyGg%2BnEi4TJxY8D63vQMybmMIocSzSi%2FIODoez3NNbL5dq2BgRmPl0NOgOxLWxg7o0yt11px00QiIuxjZNkNqx3UYLGIo%2FZlw3hWyvg9vOFkwzfCXnA"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
x-rgw-object-type: Normal
cf-ray: 705aaa719daf0ffe-MRS

GET
H2 200 jquery.modal.min.js Show response
sleepingbag.originaldefense.com/common/libs/jquery-modal/ 5 KB
2 KB 352ms
350ms Script
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sleepingbag.originaldefense.com/common/libs/jquery-modal/jquery.modal.min.js
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7cd65-006271644a-319b2aa6-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Apr 2022 22:51:22 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: W/"c8f50397e0560719c62a35318f413e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNtTR3L5c1Pl%2BovEYbMRbR3UPNPb0csK6OMb8GYQCHzuM4LTInsFXWZlYx%2B2mYDKMXBRi0nx0fUdyd19tLITlfclVRy%2F%2B4Z11UXISbAVCKqIcn95Y9qAY57FjH0m3RCSHDzlyD7VPPFU7%2BbsBVcwPb8NTc1XZtbvUNriRqsK"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
x-rgw-object-type: Normal
cf-ray: 705aaa71bdde0ffe-MRS

GET
H2 200 moment.min.js Show response
sleepingbag.originaldefense.com/common/libs/moment/ 52 KB
18 KB 633ms
630ms Script
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sleepingbag.originaldefense.com/common/libs/moment/moment.min.js
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:11 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7cd6a-006271644a-319b2aa6-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Apr 2022 22:51:22 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: W/"761502841c035afcf6a9bdc5d0a20d11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3YVl6xWG3BaxxSY9V3Ng%2BkfD2ad7jmVRrqmNzPkm8N554ApJAaThIcSyWLSojVmOYCfInMUAG1S8N%2Bq1yPmBPoQ7Z3aRkqai6hUHUtINIF%2BPz87riB87TuBxN%2Fnne4w%2BKE2UakCxmyKW%2FdQJUZf2oFn3UX7UuSYlshI9vYU"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
x-rgw-object-type: Normal
cf-ray: 705aaa71bde00ffe-MRS

GET
H2 200 common.js Show response
sleepingbag.originaldefense.com/common/js/ 2 KB
2 KB 341ms
339ms Script
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sleepingbag.originaldefense.com/common/js/common.js
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a38e6003e7dda2740a7ea004b3f0097134fccd367fd0f742ecb2faa364d4c3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7b575-006271644a-319b1ee3-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Apr 2022 22:51:21 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: W/"09e72022028cd75c2ad3a6daff0d7ec8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pB8MjWXjLqgpHhNbeu8Ms43KuDT9NqtX4EuT2fVGvxR0yqVmF3tz9VtKZ4TvITpjtW8tlagQiXhdd%2Fp%2BurOro%2BhHo5x49dbSGTrMwpUQvceowv3tlWcu2LeOIcYsK5jaCUzgwO1zWeuAQ83gTPZhKHKd58RmjnXEaEkXU%2Fop"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
x-rgw-object-type: Normal
cf-ray: 705aaa71bde10ffe-MRS

GET
H2 200 presell.js Show response
sleepingbag.originaldefense.com/blog/c/js/ 105 B
450 B 342ms
339ms Script
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sleepingbag.originaldefense.com/blog/c/js/presell.js
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be55f09457ef9ce1869d6e49e3c75b6a26c13476a1954f0abe991895be67018

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7cd63-006271644a-319b2aa6-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Apr 2022 22:51:21 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: W/"52d0182d272ca89f89898316cf077370"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2j87XVOnsIcdilrlLEzI4yDHYs9zLHG%2BqBoJBjLd5sEPaQLeGAic%2BDO%2FCkUkI4yUsF2uW%2BJ%2FEuqRQ3W8SXg0H%2F%2Bw1i4JFKClozjjMsmrSBxGluy3DQYuhz8XSImA3yitVn5zuFRc8POLcdBBuBS08BoN62JuDq7hzPgUIXOK"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
x-rgw-object-type: Normal
cf-ray: 705aaa71bde20ffe-MRS

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 206 KB
72 KB 53ms
30ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5C632Z6

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c3f0b27f63454b8d1dd071e5ab3887ce3c36f148d4a1f7226f28b1a1d5151ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72719
x-xss-protection: 0
last-modified: Tue, 03 May 2022 16:46:03 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 May 2022 17:20:10 GMT

GET
H/1.1 206
Partial Content SleepinG-bag-VSL%20%282%29.mp4
launchify-products-videos.s3.amazonaws.com/ 238 KB
0 695ms
179ms Media
video/mp4 52.219.112.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchify-products-videos.s3.amazonaws.com/SleepinG-bag-VSL%20%282%29.mp4
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.112.10 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://sleepingbag.originaldefense.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 03 May 2022 17:20:12 GMT
Last-Modified: Thu, 20 Jan 2022 00:58:47 GMT
Server: AmazonS3
x-amz-request-id: P98WPSTF4J20V1FV
ETag: "68635e6839c7b853ee46de05a6397d45"
Content-Type: video/mp4
Content-Range: bytes 0-19064507/19064508
Accept-Ranges: bytes
Content-Length: 19064508
x-amz-id-2: KROFKhGmtGS/ZHIakCdwGjhXwBbwzMCdtR2N15oxwKJHtVrR9cTi3b92YwV8ZUoy6TCZ2g5U7Z4=

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 43ms
28ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D46PJW7MS9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C632Z6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0bdda5ef4757015206941cfcbf9519c05607fc20cd4c409c6521e65cff647ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68856
x-xss-protection: 0
expires: Tue, 03 May 2022 17:20:10 GMT

GET
H2

200

11b26bf7-3826-432c-bf45-842c2d21441b_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/11b26bf7-3826-432c-bf45-842c2d21441b.js
https://cdn.mouseflow.com/projects/11b26bf7-3826-432c-bf45-842c2d21441b_eu.js

177 KB
50 KB

23ms
23ms

Script
application/javascript

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/11b26bf7-3826-432c-bf45-842c2d21441b_eu.js
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 0775d4917222456ee2f689e36ac87f086b31837b6be85ecc603326004e45a1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
content-encoding: gzip
last-modified: Fri, 15 Apr 2022 15:01:09 GMT
server
etag: "93141aa4d950d81:0"
x-hw: 1651598410.cds080.lo4.hn,1651598410.cds003.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 51149

Redirect headers

date: Tue, 03 May 2022 17:20:10 GMT
content-encoding: gzip
last-modified: Fri, 15 Apr 2022 15:01:07 GMT
server
etag: "b6af8fa2d950d81:0"
location: https://cdn.mouseflow.com/projects/11b26bf7-3826-432c-bf45-842c2d21441b_eu.js
x-hw: 1651598410.cds080.lo4.hn,1651598410.cds010.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 51148

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 49ms
28ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C632Z6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14892
x-xss-protection: 0
server: cafe
etag: 4605403730725282575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 May 2022 17:20:10 GMT

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 129ms
49ms Script
application/javascript 2606:4700:3032::ac43:dff2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=kdFdj57RL3WmDDRM17Yd2qmKdEG2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C632Z6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dff2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32446073
cf-ray: 705aaa72a9c8e903-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 497733
x-amz-id-2: EoC+aXVf7qM+X2bQeLgTe1dhaUHeGlDxFJJcsggxMBRHi3WC2uR7wYiQzaRt881mo3UZb28UmGU=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "0426397a9b31146729ac86c5be8595d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0y4ZSjIKyevuVYbLAU2EYxbHzgv6RuDjBs7LK8pVsnco5cX%2FTp76YA%2B8eYtvgQgoIFRYDPoEya27I1ztcgeWWXBZ9f5iX3r6McdnlGpbQbUwhTE3YHKqcW6RQ9adh1Zk6LH8P%2BaiWSggJUQbo7Z"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: JK9RDNF6QN7ABMSX
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 61affcc9d44605001139b5b5 Show response
api.pushnami.com/scripts/v1/push/ 87 KB
18 KB 50ms
11ms Script
application/javascript 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/push/61affcc9d44605001139b5b5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C632Z6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: /
Resource Hash: 228e1c3a296e199ef77e3a76c0b9bcde2ac4edde258dca343a44f1502dee6b63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 16:39:50 GMT
via: 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
age: 2419
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-pop: DUS51-P2
content-encoding: gzip
x-amz-cf-id: JsdIjgwYxs2s6SqcIewnpOw1MC1BvS80SjiamaDVP3ke9XhI2uffPQ==

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
1 KB 57ms
9ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=J5DRbx
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C632Z6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dd8192f5c28a718f3217a54bdb6e0300dc2e554d1552e1c8cc43e6491bcbc007

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
content-encoding: gzip
age: 843
x-cache: HIT, HIT
access-control-max-age: 86400
content-length: 995
x-served-by: cache-lga21926-LGA, cache-hhn4029-HHN
access-control-allow-origin: *
allow: GET, OPTIONS
server: nginx
x-timer: S1651598411.631433,VS0,VE1
etag: W/"9739fdae654320826e20de267dc8ad49"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: vpw5W+Ut1/DsW2Fl1ZF80bemxhWZyz0MgN8coG+JASD06di6r+DwHPVbLkjKFYTCrJ9KySoIo+Xk3XnNIB15pg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Tue, 03 May 2022 17:20:10 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 695529498102551 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 164ms
153ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/695529498102551?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bd0f6b03368eee4725e7427529cae4eb97da3fd0aba6290c4e58fadcc3796878

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 6CsVG2PjcwCKPI/PTnwO+tucCa5aiceWQahNx6KULhriakjZDEmqicaev6eC/jyKou2ANGNf5GlL0/npk3yaTA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 03 May 2022 17:20:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651598410785
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10881562939/ 3 KB
2 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10881562939/?random=1651598410631&cv=9&fst=1651598410631&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg520&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&tiba=Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd3d32705b8bcbcb97645c521eff10a9affa26cf341eafb662492a0cc3a4989e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 17:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1169
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/377018251/ 3 KB
1 KB 44ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/377018251/?random=1651598410634&cv=9&fst=1651598410634&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg520&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&tiba=Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d9996b67e023e2c461f16b3cb7e9e337030cfa065f6d25751899695aedee31c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 17:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1167
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
358 B 36ms
13ms Ping
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-D46PJW7MS9&gtm=2oe520&_p=31521290&_z=ccd.tbB&cid=129614223.1651598411&ul=en-us&sr=1600x1200&_s=1&sid=1651598410&sct=1&seg=0&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&dt=Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D46PJW7MS9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 17:20:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sleepingbag.originaldefense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 32ms
14ms Ping
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-D46PJW7MS9&gtm=2oe520&_p=31521290&_z=ccd.tbB&cid=129614223.1651598411&ul=en-us&sr=1600x1200&_s=2&sid=1651598410&sct=1&seg=0&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&dt=Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!&en=blog_view&_et=3&_eu=C
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D46PJW7MS9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 17:20:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sleepingbag.originaldefense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10881562939/ 42 B
548 B 49ms
22ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10881562939/?random=1651598410631&cv=9&fst=1651597200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg520&sendb=1&frm=0&url=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&tiba=Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!&async=1&fmt=3&is_vtc=1&random=2231770526&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 17:20:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10881562939/ 42 B
548 B 47ms
20ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10881562939/?random=1651598410631&cv=9&fst=1651597200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg520&sendb=1&frm=0&url=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&tiba=Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!&async=1&fmt=3&is_vtc=1&random=2231770526&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 17:20:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/377018251/ 42 B
108 B 51ms
26ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/377018251/?random=1651598410634&cv=9&fst=1651597200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg520&sendb=1&frm=0&url=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&tiba=Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!&async=1&fmt=3&is_vtc=1&random=2506152506&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 17:20:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/377018251/ 42 B
108 B 127ms
102ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/377018251/?random=1651598410634&cv=9&fst=1651597200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg520&sendb=1&frm=0&url=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&tiba=Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!&async=1&fmt=3&is_vtc=1&random=2506152506&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 17:20:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
cdn.useproof.com/proxy/ Frame CD6B 325 B
813 B 528ms
500ms Document
text/html 2606:4700:3032::ac43:dff2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=kdFdj57RL3WmDDRM17Yd2qmKdEG2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dff2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

Referer: https://sleepingbag.originaldefense.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, no-transform, public
cf-cache-status: DYNAMIC
cf-ray: 705aaa73cbe8e903-MXP
content-length: 325
content-type: text/html
date: Tue, 03 May 2022 17:20:11 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDxObAPlTk2zKwyCWdgVl2T2XUe9cdcf4I2Poew6zFtf9Em%2BtWBcGLyvDV6STVrqkxGgHeX0i%2FM1kjAE2kpT1gAnT5z3IeiDIEIvIMRCHIFKmpmVTi0y%2F7iTO0IxmBTaIT23pWgle646cV5f352X"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: ADvibyP1fS1xsERwY3LWRzs6v2gbdTIPgBBLBmYakd68By/qku/WYv7QuBaDGiiDkzwhvhm7tgs=
x-amz-request-id: P98NFWPQE0Q7YYT6
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713

GET
H2 200 fender_analytics.54aff834526cbb74a88b.js Show response
static-tracking.klaviyo.com/onsite/js/ 21 KB
8 KB 54ms
8ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.54aff834526cbb74a88b.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=J5DRbx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdd493b2d554581083780f815eeb3a018d4b09c0e69bd758f17595b7cc2b813c

Request headers

Referer: https://sleepingbag.originaldefense.com/
Origin: https://sleepingbag.originaldefense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: fts1Dmk1ybvip.YKz0WlxQvkzRVm7A5Q
content-encoding: gzip
age: 857
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 7502
x-amz-id-2: KppUceUIUl4qY+BFArlb7yAI47RSTYQ6zizx1X7x+dESs2F2Xdfdtk5towYU/AnmjkNiwMuZWHQ=
x-served-by: cache-lga21928-LGA, cache-hhn4059-HHN
last-modified: Tue, 03 May 2022 17:05:47 GMT
server: AmazonS3
etag: "61e44092fc70c86eec102c46e4aa2c43"
vary: Accept-Encoding
x-amz-request-id: 3WBXZMRX7V8G72XP
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Tue, 03 May 2022 17:20:10 GMT
x-cache-hits: 1, 1176

GET
H2 200 static.b13e49703aca35ecf5b2.js Show response
static-tracking.klaviyo.com/onsite/js/ 14 KB
6 KB 53ms
8ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.b13e49703aca35ecf5b2.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=J5DRbx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7e579f24aba05658e994f1e77d0b407d38b005098ae374766c9b5637705adc6

Request headers

Referer: https://sleepingbag.originaldefense.com/
Origin: https://sleepingbag.originaldefense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: RIc2llmuUSwdkBeMwWfvHOf0XJbZVYZP
content-encoding: gzip
age: 858
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 5901
x-amz-id-2: eN09S4VSDgt9WqOPNp+Hr5LWZcuJrKZUGDZEmiZsp0oL6t9BR92FIUidnghgnoyrn+Uty1/LFBQ=
x-served-by: cache-lga21963-LGA, cache-hhn4059-HHN
last-modified: Tue, 03 May 2022 17:05:47 GMT
server: AmazonS3
etag: "b4694bbfaccdc2a3767f4484613ca34e"
vary: Accept-Encoding
x-amz-request-id: 3WBMGHWVT3KJAJ67
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Tue, 03 May 2022 17:20:10 GMT
x-cache-hits: 1, 1187

GET
H2 200 sharedUtils.ff561fab190e2b43d73e.js Show response
static.klaviyo.com/onsite/js/ 32 KB
13 KB 24ms
7ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.ff561fab190e2b43d73e.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=J5DRbx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57662dd3a4ef13631b858728c7a21781ada4a3f23b6dca28d8eff748ca556a31

Request headers

Referer: https://sleepingbag.originaldefense.com/
Origin: https://sleepingbag.originaldefense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: HJOrYEFW7qC7JomCKogeqw8.L_6rL90q
content-encoding: gzip
age: 857
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12599
x-amz-id-2: otvGOPgc8DGXwhRtWPadO4jfcUMorjgqRrSOSw/TisPdaw2QrlutpCNbVq8GVSUEiU9wEah/7/c=
x-served-by: cache-lga21980-LGA, cache-hhn4075-HHN
last-modified: Wed, 27 Apr 2022 20:36:07 GMT
server: AmazonS3
etag: "6b6287b8a7de937ef8420282d81b36f6"
vary: Accept-Encoding
x-amz-request-id: 6RPMQPS6FW5X4P1Z
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Tue, 03 May 2022 17:20:10 GMT
x-cache-hits: 8102, 1051

GET
H2 200 vendors~signup_forms.b5694dce3b58fad4a583.js Show response
static.klaviyo.com/onsite/js/ 37 KB
13 KB 25ms
9ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.b5694dce3b58fad4a583.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=J5DRbx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a87583683c10458464479c3628bb473129f8adfd48a286b68382f81335f1d02

Request headers

Referer: https://sleepingbag.originaldefense.com/
Origin: https://sleepingbag.originaldefense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: kPmAWgOi15BiMLo3WFQr.CGAOuFym1lL
content-encoding: gzip
age: 852
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12759
x-amz-id-2: 2Z9+95Zm8G2NU6sS8ZFqn80sVUKhljQ3uWGk52u1ZbnpMAiGxE3drqxbl+gEdEvDFlUHSqtltiY=
x-served-by: cache-lga13625-LGA, cache-hhn4075-HHN
last-modified: Tue, 03 May 2022 17:05:47 GMT
server: AmazonS3
etag: "d3a35578e41a8acd775d6f4541bd4df4"
vary: Accept-Encoding
x-amz-request-id: J5QT9JEYB8KEPM7X
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Tue, 03 May 2022 17:20:10 GMT
x-cache-hits: 1, 834

GET
H2 200 signup_forms.87d5c9f93fe3cb1fa249.js Show response
static.klaviyo.com/onsite/js/ 59 KB
20 KB 23ms
7ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.87d5c9f93fe3cb1fa249.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=J5DRbx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a74f029249c64ca1c0799cadca8ed7a1d2abbac633d0a6d937c372ab9ca5efd

Request headers

Referer: https://sleepingbag.originaldefense.com/
Origin: https://sleepingbag.originaldefense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: F8oDphk8MPBougE3DDVgYic3pI52wytV
content-encoding: gzip
age: 857
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 20003
x-amz-id-2: jl/zdt7wS5vel68ioghTmXJPKi1rUfMiNqqjP0tMHAHz9DBdp768R3ktG5166kR/JQvhW/e5GIU=
x-served-by: cache-lga21974-LGA, cache-hhn4075-HHN
last-modified: Tue, 03 May 2022 16:21:48 GMT
server: AmazonS3
etag: "5de006f2eb0cb97a64ef9e0a17c92a75"
vary: Accept-Encoding
x-amz-request-id: HGZPP5A2PNPCFP36
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Tue, 03 May 2022 17:20:10 GMT
x-cache-hits: 0, 845

GET
H2 200 sentry.72c35c673102dbf675f0.js Show response
static.klaviyo.com/onsite/js/ 39 KB
14 KB 8ms
7ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sentry.72c35c673102dbf675f0.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/signup_forms.87d5c9f93fe3cb1fa249.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2652f0c7c7b7905018e1a14dd565b946e15d9e7ac92e4b88cfbe54eeda8fa0d6

Request headers

Referer: https://sleepingbag.originaldefense.com/
Origin: https://sleepingbag.originaldefense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: OYx9hgarlAcADJpd_z3npiVgW9HDTTV4
content-encoding: gzip
age: 857
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 13733
x-amz-id-2: FNN3I9d6sQkPC8o2ihP3+Jc9J3sTqWUI82MddK0e99ir4HZYrhrhsKtfmyWw/NbwI+cXp20HWaQ=
x-served-by: cache-lga13628-LGA, cache-hhn4075-HHN
last-modified: Wed, 27 Apr 2022 20:36:07 GMT
server: AmazonS3
etag: "a8c2468bbb12338630abadf2b3aea3e6"
vary: Accept-Encoding
x-amz-request-id: PQA13S140XCQ4KHP
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Tue, 03 May 2022 17:20:10 GMT
x-cache-hits: 2, 670

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 711 B
1 KB 53ms
9ms XHR
application/json 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=J5DRbx

Requested by

Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.b5694dce3b58fad4a583.js?cb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

50c8d27e3e975efa929feecf6a8f555f97011991fab377aecd75abf751178a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:10 GMT
via: 1.1 varnish, 1.1 varnish
age: 1855850
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=900
content-length: 711
x-served-by: cache-bos4646-BOS, cache-hhn4055-HHN
allow: GET, HEAD, OPTIONS
server: nginx
vary: Cookie
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 1

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v5/J5DRbx/ 131 KB
10 KB 65ms
23ms XHR
application/json 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v5/J5DRbx/full-forms
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.b5694dce3b58fad4a583.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbf71936d849369ca4f0a0c7d8a99892ba2d6996f69abb170aa85c47113715a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: E0t3vErOCv6tgoQN7aAkAkMHRZ7oIQjT
content-encoding: gzip
age: 1237452
via: 1.1 varnish
x-cache: HIT
client-geo-continent: EU
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/J5DRbx custom-fonts/J5DRbx
content-length: 10049
x-amz-id-2: 3CEnGOav8UVmueKcvccOihZAYLCBjIP81XGGZXTQUgf9nmCGUByoUYxP+ivXicUwcl1q90G75DQ=
x-served-by: cache-cdg20765-CDG
client-geo-country: DE
last-modified: Thu, 17 Mar 2022 17:47:06 GMT
server: AmazonS3
x-timer: S1651598411.974721,VS0,VE3
etag: "886efadb0456e06eb221588d6c469651"
vary: Accept-Encoding
x-amz-request-id: XR9GJFRSJTBE2YSB
access-control-allow-origin: *
access-control-expose-headers: client-geo-continent, client-geo-country
cache-control: max-age=5
accept-ranges: bytes
content-type: application/json
date: Tue, 03 May 2022 17:20:10 GMT
x-cache-hits: 1

GET
H3 200 css2
fonts.googleapis.com/ 9 KB
656 B 45ms
21ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a88ee13d2e82bd99ff8c5ac3c2cd52d3a4175f9121e48e30b1683bb80684b711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 May 2022 16:20:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 03 May 2022 17:20:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 May 2022 17:20:11 GMT

GET
H3 200 294551899315948 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 134ms
133ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/294551899315948?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bbf7042a9c3a25826cdb15c8ee8f693b07ef3b2e6b37c09ddda3373e19eeeda

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: jVzIsKcLa5Pplo5D3HlvvEPwpX/J8H2aurfcPbv2gkLfH07vQZALAcRG+08X0c1fdZIZUm1V3yCiyHF9hN7xyw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 03 May 2022 17:20:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651598411175
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 23ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=695529498102551&ev=PageView&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&rl=&if=false&ts=1651598411042&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1651598411041.2033747061&it=1651598410622&coo=false&exp=p1&rqm=GET

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 03 May 2022 17:20:11 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sleepingbag.originaldefense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 585281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:45:30 GMT

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 95 KB
16 KB 39ms
18ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=443152&u=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&f=1&r=0.17364972790790656
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 8e92b3b135356faf23e2008985808a01b240192c0eef7425ad5b44d4aab23ce2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 May 2022 17:20:11 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H3 200 everflow.js Show response
www.l4n2fytrk.com/scripts/sdk/ 58 KB
18 KB 126ms
109ms Script
text/javascript 35.244.245.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.l4n2fytrk.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C632Z6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.245.136 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 136.245.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5444ba878bf014814c520ac7f2c282fed4785a6af5c6e404de474685d27da832

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:11 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: text/javascript
content-encoding: gzip
cache-control: max-age=14400
x-eflow-request-id: 10212475-d58c-4895-a022-38f92174e771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 disable-selection.css
sleepingbag.originaldefense.com/common/css/ 286 B
929 B 343ms
343ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sleepingbag.originaldefense.com/common/css/disable-selection.css
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/common/js/common.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a90cf7c65dde1f1fc5784dd7f5710b9df23fd73742ce8e4b75545be1fedce14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:11 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000000f7cd74-006271644b-319b2aa6-nyc3c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Apr 2022 22:51:21 GMT
server: cloudflare
cache-control: public, max-age=691200, s-maxage=86400
etag: W/"cf212d72ca4c0ccf685aba2eeed6d20f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RyJ12vxAjX2%2FwZNU5TJ3NWGHNuwIUtO2DIjQnYMquTEIotXxST2BwfuPoYQPnFeBRHm8q%2FW0HfKIKqCSQF%2BeixcMam4PxnZvSyx9K3WZwjcwx2lSvtviRWnp2uUKTRrVAnAXluo0WuCMztIUYVNefOXia6VpBu6bwAfVY4Qp"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
x-rgw-object-type: Normal
cf-ray: 705aaa763c2f41f6-MRS

GET
H3 200 1027878784434769 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 132ms
131ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1027878784434769?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

514efefe086e4ebff20cf25d6b411ba7baae887d0f2a40a30bcd9aa297bd3df7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: NeHW2eqbm7aIRwgltPeJUFQThuCulNvIBWK8/Abg0R8IttOUo3CLcge+tm0rmVC+aSWNrw1s+pPLLSQPyN4y1Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 03 May 2022 17:20:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651598411374
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=294551899315948&ev=PageView&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&rl=&if=false&ts=1651598411244&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1651598411041.2033747061&it=1651598410622&coo=false&exp=p1&rqm=GET

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 17:20:11 GMT

GET
H3 200 tag-710bd8030b9ce04d82ec4324ff10afac.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/ 221 KB
63 KB 19ms
9ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-710bd8030b9ce04d82ec4324ff10afac.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=443152&u=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&f=1&r=0.17364972790790656
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: da3131399e51d6e888f1979469e95e549b659abfbff3c16deeec5c86ae0dbcea

Request headers

Referer: https://sleepingbag.originaldefense.com/
Origin: https://sleepingbag.originaldefense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:11 GMT
content-encoding: br
last-modified: Tue, 03 May 2022 11:24:42 GMT
server: gfra1
etag: "627110fa-fb09"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64265
via: 1.1 google

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 106ms
97ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=443152&d=sleepingbag.originaldefense.com&u=D3362F5D02B27FE23A9779CA30B70A9F8&h=30d2329ad76fdc2f4df4b4b648e6caeb&t=false&r=0.4860776540447769

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 17:20:10 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 1 KB
750 B 10ms
10ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=443152&settings_type=3&vn=7.0&r=0.002059193666265946&u=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&exc=594|595|599|601|608|607|606|605|604|602|598|591|590|582|581|572|570|563|556|542
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-710bd8030b9ce04d82ec4324ff10afac.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 977fbbeae2b33f7b7f3b4fa90b8f2bb315e2192b89b3cd5044774056528a8e8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:11 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 3 KB
1 KB 10ms
10ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=443152&settings_type=1&vn=7.0&r=0.687843976249976&exc=594|595|599|601|608|607|606|605|604|602|598|591|590|582|581|572|570|563|556|542
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-710bd8030b9ce04d82ec4324ff10afac.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 2b38583dcbb72adc6457fc9165372c2d21f4fd2a6298bb526f7b69f9df4afec3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:11 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

POST
H3 200 l.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 97ms
96ms Ping
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/l.gif?experiment_id=601&account_id=443152&cu=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&combination=2&s=1&sId=1651598411&u=D3362F5D02B27FE23A9779CA30B70A9F8&ed=%7B%22tz%22%3A%22Etc%2FUnknown%22%2C%22tO%22%3A%220%22%2C%22lt%22%3A%221651598411381%22%2C%22r%22%3A%22%22%2C%22ul%22%3A%22en-us%22%2C%22de%22%3A%22UTF-8%22%2C%22sc%22%3A%2224%22%2C%22sr%22%3A%221600x1200%22%7D&vn=7.0.209&vns=undefined&vno=undefined&eTime=1651598411395&random=0.06655835831379187

Requested by

Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-710bd8030b9ce04d82ec4324ff10afac.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 17:20:11 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 ezgif.com-gif-maker__4__wq9Xm5RC9.webp
ik.imagekit.io/pcaztueon7s/originaldefense/Sleeping_bag/ 224 KB
225 KB 275ms
18ms Image
image/webp 2600:9000:2315:9c00:15:c281:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ik.imagekit.io/pcaztueon7s/originaldefense/Sleeping_bag/ezgif.com-gif-maker__4__wq9Xm5RC9.webp?ik-sdk-version=javascript-1.4.3&updatedAt=1650604649423
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:9c00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0fe81303d0e50407aabb041c4c396f9dc788b64487884552f239f3603068259b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:16:33 GMT
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront), 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
age: 217
etag: W/"37f86-KTSIGctq1BStaYTuRLOG1VwvOZE"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
x-amz-cf-pop: DUS51-P2
timing-allow-origin: *
content-length: 229254
x-amz-cf-id: TJnJPO47IU6TPfYlKy6kNsf7H9VHSUXgaUN7RPSeHnIHc0pnue6eLA==
x-request-id: 6638cc16-9db5-46f3-9be0-19012479d48f

GET
H2 200 homeless-person-snow_rkrSKAey7.webp
ik.imagekit.io/pcaztueon7s/originaldefense/Sleeping_bag/ 30 KB
30 KB 297ms
40ms Image
image/webp 2600:9000:2315:9c00:15:c281:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ik.imagekit.io/pcaztueon7s/originaldefense/Sleeping_bag/homeless-person-snow_rkrSKAey7.webp?ik-sdk-version=javascript-1.4.3&updatedAt=1650604961896
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:9c00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6268cda0c63c116c8063b698465b0c45bfd2e89c06ceac6d3019ad3ed10e1c0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:16:33 GMT
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront), 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
age: 218
etag: W/"77ac-bzIgWYByDjgnucza8abb926YBxg"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
x-amz-cf-pop: DUS51-P2
timing-allow-origin: *
content-length: 30636
x-amz-cf-id: jQMJF3Kx1njuKJfD_XfzAMp4R6oIM1vaPmk6aOoJoDSk_G0TJ0nB1A==
x-request-id: 71aa7b25-81d7-482c-b9a2-22a079d97276

GET
H2 200 ezgif.com-gif-maker__5__bGEy-0D4M.webp
ik.imagekit.io/pcaztueon7s/originaldefense/Sleeping_bag/ 2 MB
2 MB 313ms
57ms Image
image/webp 2600:9000:2315:9c00:15:c281:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ik.imagekit.io/pcaztueon7s/originaldefense/Sleeping_bag/ezgif.com-gif-maker__5__bGEy-0D4M.webp?ik-sdk-version=javascript-1.4.3&updatedAt=1650605550901
Requested by: Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:9c00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 59a4bfa8291d9c8628abb5cbe45474c8f656f2239d7d8079234e0fc3dfa1c708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:16:33 GMT
via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront), 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
age: 217
etag: W/"198c78-jq/IJ5L+MuWPotdJYV9OHvE47Ec"
vary: Accept
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
x-amz-cf-pop: DUS51-P2
timing-allow-origin: *
content-length: 1674360
x-amz-cf-id: 0erU9FVczaJIsSc9DbBs6JO0cRsTZZfPCangDBZLTu7NbjcLAmEitA==
x-request-id: b8f5f71e-7544-466c-a3f1-397c3db7aa22

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 96ms
95ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=443152&u=D3362F5D02B27FE23A9779CA30B70A9F8&s=1651598411&p=1&tags={%22si%22:{%22601%22:%222%22}}&update=1&cq=0&vn=7.0.209&vns=undefined&vno=undefined&_cu=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D4787851&eTime=1651598411425&random=0.9155908259578565

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 17:20:11 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 1098685447559052 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 142ms
141ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1098685447559052?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

94d5ccc2be78d68f7203a5683416be19abcd480a8d4f6d3a30697432276565b3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: JwpLIvQvnWGZRFZz2c36QyVCKm4rHIG+R0ZNlBuA1MNnLvGg/1Bn+RqlN5u/f7B63tlqA2H58RIDdxEt0jvW6Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 03 May 2022 17:20:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651598411584
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1027878784434769&ev=PageView&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&rl=&if=false&ts=1651598411444&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1651598411041.2033747061&it=1651598410622&coo=false&exp=p1&rqm=GET

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 17:20:11 GMT

GET
H3 200 click Show response
www.l4n2fytrk.com/sdk/ 22 B
39 B 113ms
113ms Fetch
application/json 35.244.245.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.l4n2fytrk.com/sdk/click?effp=6bf5fbbc742b7d5c4e1a7ae629bd6911&_ef_transaction_id=&oid=221&affid=702&__cc=&async=json
Requested by: Host: www.l4n2fytrk.com
URL: https://www.l4n2fytrk.com/scripts/sdk/everflow.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.245.136 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 136.245.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: aa36f7b55e498e48e34e35e18ada3035fc59a6f1c4e48ae702097cb08ada6689

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:11 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sleepingbag.originaldefense.com
access-control-allow-credentials: true
x-eflow-request-id: 19ff79bc-acec-4635-a4e3-8e32dc4ca79f
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.5.0/ Frame CD6B 389 KB
114 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.5.0/firebase.js

Requested by

Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 12:49:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116073
x-xss-protection: 0
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 May 2023 12:49:05 GMT

GET
H2 200 proxy.js Show response
cdn.useproof.com/proxy/ Frame CD6B 112 KB
112 KB 31ms
31ms Script
application/javascript 2606:4700:3032::ac43:dff2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/proxy.js
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dff2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/proxy/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32446066
cf-ray: 705aaa799d27e903-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 114404
x-amz-id-2: i1lQEfrm/egCdmWBnlDgiNuzjVqr9uorTi3BBd210NmplUuIcDsjMwRA/z9WIycaRWVLVDL8vlE=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhp%2FWXf%2FEPHKwX4G36Yq1ahQQpazfo2Ix0W2YgsX4H0jIlDczbPfwNcJnoza%2BcsSpEd0KPaE7G4xKwdqB%2BAWmab6A8Mj%2FHOxxG1Nwau%2FpKfqmW1V1MDKX2%2BjDfGeTQk%2BuUV93dn5mpvZSkymhfsP"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: E4YFYS185ZAZA7AQ
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 tag-1a6cb79d9b921e9f733a3a9f91c43b90.js Show response
dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/ 668 B
329 B 10ms
10ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWpxdWVyeQ==/tag-710bd8030b9ce04d82ec4324ff10afac.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634

Request headers

Referer: https://sleepingbag.originaldefense.com/
Origin: https://sleepingbag.originaldefense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:11 GMT
content-encoding: br
last-modified: Tue, 03 May 2022 11:24:42 GMT
server: gfra1
etag: "627110fa-133"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 307
via: 1.1 google

GET
H3 200 192127986467439 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 148ms
148ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/192127986467439?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9414ea85ac8df0b67435681a4da467d3609db416e50b9443fbf4bf102075ae9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: W9wjXPCuu6yH6HWQa0nkqsBQP4zDglsLirFrPNhId0fOIo6zk8nHU36Nt+yjooc4oaJRckfFHkSS1LD65vpoRA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 03 May 2022 17:20:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651598411949
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
9ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1098685447559052&ev=PageView&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&rl=&if=false&ts=1651598411813&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1651598411041.2033747061&it=1651598410622&coo=false&exp=p1&rqm=GET

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 17:20:11 GMT

GET
H2 200 bce3b8dc27a0074789027ee6d2da2fc5.js Show response
cdn.pushcrew.com/js/ 247 KB
70 KB 232ms
175ms Script
application/javascript 2606:4700:10::6814:3777
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushcrew.com/js/bce3b8dc27a0074789027ee6d2da2fc5.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkcGM6MS4w/tag-1a6cb79d9b921e9f733a3a9f91c43b90.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:3777 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48e5903e73c72de9c0a8e081758e67496b123e5cce35f12a81266444ef25f2eb

Request headers

Referer: https://sleepingbag.originaldefense.com/
Origin: https://sleepingbag.originaldefense.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:12 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 01 Jun 2020 11:37:54 GMT
server: cloudflare
etag: W/"5ed4e892-3dcf7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=43200
cf-ray: 705aaa7a4e56cc4e-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
via: 1.1 google
expires: Tue, 03 May 2022 17:50:11 GMT

GET
H2 200 kdFdj57RL3WmDDRM17Yd2qmKdEG2 Show response
api.useproof.com/pixel/ Frame CD6B 218 B
1 KB 518ms
421ms XHR
application/json 2606:4700:3032::ac43:dff2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.useproof.com/pixel/kdFdj57RL3WmDDRM17Yd2qmKdEG2?url=https:%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dff2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de290b509fb7d60851f096416f25322bdfbce6c6a6c29cb837dd0a7589ce63e1

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:12 GMT
via: 1.1 44aa14c615d6930b2c331c9cf4c7c3b6.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 218
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amzn-remapped-date: Tue, 03 May 2022 17:20:12 GMT
x-amz-cf-pop: MRS52-P4
x-amzn-requestid: 94869e86-ba13-4f19-b409-de06d4a5847d
surrogate-control: no-store
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: br
x-amz-apigw-id: Rjyb8HdHoAMFX5w=
pragma: no-cache
server: cloudflare
etag: W/"da-beXg8J8ZmTW7CwRlTqVBYmQ8eeE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AD%2Bqrl0CkHuOU6B%2F4uK5nckghZeS5xnKL0VaOsfyx1qsW2ACJp5XnGjlPyrviISI5oM5rg8zV2PtnhEAKiPdiKnej7lcSB06KzAHjrgUHJnuAiBtISW7TnAzEoi6Mi%2FAKoJo9GHUH2JSIkXZqXI"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 705aaa7b2e3c0fd2-MRS
x-amz-cf-id: _Kxyyoo1fFchsz_y54-gd1CtNWcRZvamaN-OwUK1GFpvW4PzozrXlg==
x-amzn-remapped-connection: keep-alive
expires: 0

GET
H3 200 5131865706826891 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 141ms
140ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/5131865706826891?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3291f5b57484b4da143bdb8e190134fd8e4b998b0cf872253a5bbd8dbada7919

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: UwsTcyq0WLzAYJaRA0/ouS2Vt1+0WAx2Nh45DDDsiZhu8PPuuc7x6jDZTjL5mJvzsb+JQlzRpGg1r7NRmlcq2w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 03 May 2022 17:20:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651598412184
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
9ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=192127986467439&ev=PageView&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&rl=&if=false&ts=1651598412044&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1651598411041.2033747061&it=1651598410622&coo=false&exp=p1&rqm=GET

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 17:20:12 GMT

GET
H3 200 304737751675333 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 217ms
217ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/304737751675333?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3b9a915174a988374b206857a7448391fef6baf76001c6552112d0c2472312fc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: v8q2sTNHEWoXzSdOCRp0IXXd3wjjjlZ3khwtISCAqWWV220ZYXLHLyJsCyM7igsP3x0hFS4stHaKBst4agBohQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 03 May 2022 17:20:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651598412467
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=5131865706826891&ev=PageView&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&rl=&if=false&ts=1651598412252&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1651598411041.2033747061&it=1651598410622&coo=false&exp=p1&rqm=GET

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 17:20:12 GMT

OPTIONS
H/1.1 204
No Content register
live-visitor-counts.herokuapp.com/lvc/ Frame 0
0 392ms
95ms Preflight 3.229.186.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.186.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-186-102.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cdn.useproof.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://cdn.useproof.com
Access-Control-Max-Age: 43200
Connection: keep-alive
Content-Length: 0
Date: Tue, 03 May 2022 17:20:12 GMT
Server: Cowboy
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Via: 1.1 vegur

POST
H/1.1 200
OK register Show response
live-visitor-counts.herokuapp.com/lvc/ Frame CD6B 0
200 B 98ms
98ms XHR
text/plain 3.229.186.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.186.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-186-102.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://cdn.useproof.com
Date: Tue, 03 May 2022 17:20:12 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 200 track Show response
analytics.proofapi.com/ Frame CD6B 72 B
794 B 355ms
277ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522kdFdj57RL3WmDDRM17Yd2qmKdEG2%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%25229734f7e3-c591-4c92-ae59-260a76d61c8f%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fsleepingbag.originaldefense.com%252Fblog%252Fc%253FaffID%253D702%2526C1%253D10362%2526C2%253DXMkfgdeihgrt%2526C3%253D%2526C4%253D%2526C5%253D478785145%2526click_id%253D512be9dd8dde4dc989a887e01a15f215%2522%252C%2522cleanUrl%2522%253A%2522sleepingbag.originaldefense.com%252Fblog%252Fc%2522%252C%2522domain%2522%253A%2522sleepingbag.originaldefense.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fsleepingbag.originaldefense.com%252Fblog%252Fc%253FaffID%253D702%2526C1%253D10362%2526C2%253DXMkfgdeihgrt%2526C3%253D%2526C4%253D%2526C5%253D478785145%2526click_id%253D512be9dd8dde4dc989a887e01a15f215%2522%257D
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 581a133afc4cc6ab2290f7fb22b276e6e10a6466fe400e87be1a0d16e1be5363

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:12 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"48-dt7PQwjXU5TsJ7g8sobxVM1+mrQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYVLa0Tc9xJezwUNVWnJHWCyYYu7OHKQavSSsx9%2FOqf4l5H4lkfKYfYKAzxgjr6K29cfP2r2ebjhHDPomJu40GoUdI7Ies6616WxmMruQr8TBGWG9zQIaQInLfgBA2KLBCQlWyCjOc6tOZoN%2FYB5J6Upu2F5"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn.useproof.com
access-control-allow-credentials: true
cf-ray: 705aaa7e582ef917-MXP
access-control-allow-headers: X-Requested-With,content-type

GET
H3 200 2032290756945173 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 137ms
137ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2032290756945173?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cf3a778a3f6d6b21a3b340ce5f81698d549ad46b7cc45c262db9bb3b3ec280da

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 68pb1g5YbZ6tBiyNDVSKiwL2g1+BuguZalqL0obT+znryb6e+AZS3b0LBeJ4BycG087/PxRv230TDY2DwtIs/g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 03 May 2022 17:20:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651598412657
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304737751675333&ev=PageView&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&rl=&if=false&ts=1651598412522&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1651598411041.2033747061&it=1651598410622&coo=false&exp=p1&rqm=GET

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 17:20:12 GMT

GET
H3 200 649465579429854 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 135ms
134ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/649465579429854?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e957ab249af745a8b1d531409cc4a72d44e390ec649d4ebdf453c760d428813d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ETXxg0qOWI7ePIgtbd7NWHA2yfkC9BAPl0fg/fzZKmZ3FyRc6KFTuP/cxa4WEPcHt+oZCcbHvTVIP5zClDhXCw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 03 May 2022 17:20:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651598412825
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2032290756945173&ev=PageView&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&rl=&if=false&ts=1651598412692&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1651598411041.2033747061&it=1651598410622&coo=false&exp=p1&rqm=GET

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 17:20:12 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=649465579429854&ev=PageView&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&rl=&if=false&ts=1651598412895&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1651598411041.2033747061&it=1651598410622&coo=false&exp=p1&rqm=GET

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 17:20:12 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=695529498102551&ev=Microdata&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&rl=&if=false&ts=1651598412896&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!%22%2C%22meta%3Adescription%22%3A%22Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1651598411041.2033747061&it=1651598410622&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 17:20:12 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
9ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=294551899315948&ev=Microdata&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&rl=&if=false&ts=1651598412896&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!%22%2C%22meta%3Adescription%22%3A%22Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1651598411041.2033747061&it=1651598410622&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: sleepingbag.originaldefense.com
URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 17:20:12 GMT

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame 13B0 2 KB
1 KB 11ms
10ms Document
text/html 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/push/61affcc9d44605001139b5b5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-105.dus51.r.cloudfront.net

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Referer: https://sleepingbag.originaldefense.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 232
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Tue, 03 May 2022 17:16:20 GMT
vary: accept-encoding
via: 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-amz-cf-id: MiektPkxSG5eVntPCzZe-tlJVT5Bt8XzwZ8P7uQF0u6gteMjwTjTow==
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

GET
H3 200 httpFront-v4.css
cdn.pushcrew.com/css/ 19 KB
4 KB 53ms
28ms Stylesheet
text/css 2606:4700:10::6814:3777
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushcrew.com/css/httpFront-v4.css
Requested by: Host: cdn.pushcrew.com
URL: https://cdn.pushcrew.com/js/bce3b8dc27a0074789027ee6d2da2fc5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:3777 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 594604c48df08a8fb7ee88f0971442f3bd2136b71aeccfabcc3cdca8c97880e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:12 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 601
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
last-modified: Wed, 29 Apr 2020 04:28:27 GMT
server: cloudflare
etag: W/"5ea9026b-4b38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: 1.1 google
cache-control: max-age=43200
cf-ray: 705aaa810b432397-ZRH
expires: Tue, 03 May 2022 17:40:11 GMT

GET
H3 200 96c26992-384d-4c0e-a18d-d402aaafd63a.png
cdn.pushcrew.com/img/logos/bce3b8dc27a0074789027ee6d2da2fc5/ 484 B
895 B 49ms
24ms Image
image/webp 2606:4700:10::6814:3777
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pushcrew.com/img/logos/bce3b8dc27a0074789027ee6d2da2fc5/96c26992-384d-4c0e-a18d-d402aaafd63a.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:3777 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f740bec322db09273c8f659b6d6498f61cef8db1123317f127f4a7c0a26e306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:12 GMT
via: 1.1 google
cf-cache-status: HIT
age: 22358
cf-polished: origFmt=png, origSize=1686
content-disposition: inline; filename="96c26992-384d-4c0e-a18d-d402aaafd63a.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 484
last-modified: Wed, 30 Oct 2019 01:42:43 GMT
server: cloudflare
etag: "5db8ea93-696"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 705aaa810b412397-ZRH
cf-bgj: imgq:85,h2pri

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1027878784434769&ev=Microdata&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&rl=&if=false&ts=1651598412946&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!%22%2C%22meta%3Adescription%22%3A%22Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1651598411041.2033747061&it=1651598410622&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 17:20:12 GMT

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
234 B 100ms
99ms Fetch
text/html 3.211.250.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/push/61affcc9d44605001139b5b5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.250.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-250-57.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://sleepingbag.originaldefense.com/
key: 61affcc9d44605001139b5b5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://sleepingbag.originaldefense.com
date: Tue, 03 May 2022 17:20:13 GMT
cache-control: no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: accept-encoding
content-type: text/html; charset=utf-8

OPTIONS
H2 200 psp
psp.pushnami.com/api/ Frame 0
0 751ms
100ms Preflight
application/json 3.211.250.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.250.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-250-57.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://sleepingbag.originaldefense.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: key
access-control-allow-methods: POST
access-control-allow-origin: https://sleepingbag.originaldefense.com
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
cache-control: no-cache
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 03 May 2022 17:20:13 GMT
vary: accept-encoding

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1098685447559052&ev=Microdata&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&rl=&if=false&ts=1651598413336&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!%22%2C%22meta%3Adescription%22%3A%22Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1651598411041.2033747061&it=1651598410622&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 17:20:13 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
9ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=192127986467439&ev=Microdata&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&rl=&if=false&ts=1651598413546&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!%22%2C%22meta%3Adescription%22%3A%22Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1651598411041.2033747061&it=1651598410622&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 17:20:13 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=5131865706826891&ev=Microdata&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&rl=&if=false&ts=1651598413753&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!%22%2C%22meta%3Adescription%22%3A%22Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1651598411041.2033747061&it=1651598410622&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 17:20:13 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304737751675333&ev=Microdata&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&rl=&if=false&ts=1651598414023&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!%22%2C%22meta%3Adescription%22%3A%22Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1651598411041.2033747061&it=1651598410622&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 17:20:14 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2032290756945173&ev=Microdata&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&rl=&if=false&ts=1651598414194&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!%22%2C%22meta%3Adescription%22%3A%22Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1651598411041.2033747061&it=1651598410622&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 17:20:14 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=649465579429854&ev=Microdata&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&rl=&if=false&ts=1651598414396&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!%22%2C%22meta%3Adescription%22%3A%22Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1651598411041.2033747061&it=1651598410622&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:20:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 17:20:14 GMT

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 122ms
122ms Fetch
text/html 18.207.50.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/push/61affcc9d44605001139b5b5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.50.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-50-145.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://sleepingbag.originaldefense.com/
key: 61affcc9d44605001139b5b5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 03 May 2022 17:20:14 GMT
cache-control: no-cache
content-type: text/html; charset=utf-8
content-length: 2
access-control-expose-headers: WWW-Authenticate,Server-Authorization

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 295ms
97ms Preflight 18.207.50.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.50.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-50-145.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://sleepingbag.originaldefense.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Tue, 03 May 2022 17:20:14 GMT

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 138ms
138ms Fetch
text/html 18.207.50.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/push/61affcc9d44605001139b5b5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.50.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-50-145.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://sleepingbag.originaldefense.com/
key: 61affcc9d44605001139b5b5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 03 May 2022 17:20:14 GMT
cache-control: no-cache
content-type: text/html; charset=utf-8
content-length: 2
access-control-expose-headers: WWW-Authenticate,Server-Authorization

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 95ms
94ms Preflight 18.207.50.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.50.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-50-145.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://sleepingbag.originaldefense.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Tue, 03 May 2022 17:20:14 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 29ms
14ms Ping
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-D46PJW7MS9&gtm=2oe520&_p=31521290&_z=ccd.tbB&ul=en-us&cid=129614223.1651598411&sr=1600x1200&_s=3&dl=https%3A%2F%2Fsleepingbag.originaldefense.com%2Fblog%2Fc%3FaffID%3D702%26C1%3D10362%26C2%3DXMkfgdeihgrt%26C3%3D%26C4%3D%26C5%3D478785145%26click_id%3D512be9dd8dde4dc989a887e01a15f215&dt=Snowmageddon%20Traps%20Hundreds%20For%2020%2B%20Hours.%20How%20One%20Family%20Stayed%20Warm%20%26%20Alive!&sid=1651598410&sct=1&seg=0&en=blog_view
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D46PJW7MS9&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sleepingbag.originaldefense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 17:20:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sleepingbag.originaldefense.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mumkt.com/	1969-12-31 23:59:59	Name: sid Value: tjYnHJU377uw2S36d/3reRl9++OzqCUTQDXY0Rrd/yXNPHcRaFH5Mw==
.mumkt.com/	1970-01-20 20:19:16	Name: trk Value: o8ZKx+VhZWkzBTVtksPT8hl9++OzqCUTQDXY0Rrd/yXNPHcRaFH5Mw==
.mumkt.com/	1970-01-20 03:29:50	Name: c25744 Value: tjYnHJU377uQdoMCmgM33/+Xy0XseqBRbJivrc4fEcs8eBGUI9rwVw==
www.l4n2fytrk.com/	1970-01-20 03:29:50	Name: uniqueClick_D87J2S Value: 652e35e5-7802-45de-83c3-10b9e2aae099:1651598409
www.l4n2fytrk.com/	1970-01-20 04:56:14	Name: transaction_id Value: 512be9dd8dde4dc989a887e01a15f215
.originaldefense.com/	1970-01-20 20:17:50	Name: _ga_D46PJW7MS9 Value: GS1.1.1651598410.1.0.1651598410.0
.originaldefense.com/	1970-01-20 20:17:50	Name: _ga Value: GA1.1.129614223.1651598411
.doubleclick.net/	1970-01-20 02:46:39	Name: test_cookie Value: CheckForPermission
.originaldefense.com/	1969-12-31 23:59:59	Name: mf_11b26bf7-3826-432c-bf45-842c2d21441b Value: \|.-2623162843.1651598410705\|1651598410705\|\|0\|\|\|0\|0\|82.49532
sleepingbag.originaldefense.com/	1970-01-20 20:17:50	Name: __kla_id Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2NTE1OTg0MTEsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vc2xlZXBpbmdiYWcub3JpZ2luYWxkZWZlbnNlLmNvbS9ibG9nL2M/YWZmSUQ9NzAyJkMxPTEwMzYyJkMyPVhNa2ZnZGVpaGdydCZDMz0mQzQ9JkM1PTQ3ODc4NTE0NSZjbGlja19pZD01MTJiZTlkZDhkZGU0ZGM5ODlhODg3ZTAxYTE1ZjIxNSJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTY1MTU5ODQxMSwidmFsdWUiOiIiLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly9zbGVlcGluZ2JhZy5vcmlnaW5hbGRlZmVuc2UuY29tL2Jsb2cvYz9hZmZJRD03MDImQzE9MTAzNjImQzI9WE1rZmdkZWloZ3J0JkMzPSZDND0mQzU9NDc4Nzg1MTQ1JmNsaWNrX2lkPTUxMmJlOWRkOGRkZTRkYzk4OWE4ODdlMDFhMTVmMjE1In19
.originaldefense.com/	1970-01-20 04:56:14	Name: _fbp Value: fb.1.1651598411041.2033747061
.facebook.com/	1970-01-20 04:56:14	Name: fr Value: 0NSPCAu6mAByaHnME..BicWRL...1.0.BicWRL.
sleepingbag.originaldefense.com/	1970-01-20 02:56:43	Name: affid Value: 702
.sleepingbag.originaldefense.com/	1970-01-20 11:33:40	Name: _vwo_uuid_v2 Value: D3362F5D02B27FE23A9779CA30B70A9F8\|30d2329ad76fdc2f4df4b4b648e6caeb
.originaldefense.com/	1970-01-20 05:10:38	Name: _vis_opt_s Value: 1%7C
.originaldefense.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.originaldefense.com/	1970-01-23 18:22:38	Name: _vwo_uuid Value: D3362F5D02B27FE23A9779CA30B70A9F8
.originaldefense.com/	1970-01-20 04:56:14	Name: _vwo_ds Value: 3%241651598411%3A79.61330075%3A%3A
.originaldefense.com/	1970-01-20 02:46:40	Name: _vwo_sn Value: 0%3A1%3A%3A%3A1
sleepingbag.originaldefense.com/	1970-01-30 02:46:38	Name: _wingify_pc_uuid Value: fdcf3b3852684b398062919acbb2a2cc
.originaldefense.com/	1970-01-20 05:10:38	Name: _vis_opt_exp_601_combi Value: 2
sleepingbag.originaldefense.com/	1970-01-30 02:46:38	Name: wingify_donot_track_actions Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://sleepingbag.originaldefense.com/blog/c?affID=702&C1=10362&C2=XMkfgdeihgrt&C3=&C4=&C5=478785145&click_id=512be9dd8dde4dc989a887e01a15f215 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.proofapi.com
api.pushnami.com
api.useproof.com
cdn.mouseflow.com
cdn.pushcrew.com
cdn.useproof.com
connect.facebook.net
dev.visualwebsiteoptimizer.com
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ik.imagekit.io
images.dmca.com
launchify-products-videos.s3.amazonaws.com
live-visitor-counts.herokuapp.com
mumkt.com
psp.pushnami.com
sale.finddchomesforsale.com
sleepingbag.originaldefense.com
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.klaviyo.com
travel.exceltravelbiz.com
trc.pushnami.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.l4n2fytrk.com
108.157.4.105
142.250.186.98
151.101.194.133
151.101.2.133
151.101.66.133
151.139.128.11
151.139.242.29
18.207.50.145
194.163.164.144
23.229.68.39
2600:9000:2315:9c00:15:c281:3500:93a1
2606:4700:10::6814:3777
2606:4700:3032::ac43:dff2
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:812::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3120::7
2a06:98c1:3121::7
3.211.250.57
3.229.186.102
34.96.102.137
35.244.245.136
52.0.28.73
52.219.112.10
019e0b79dbd492c5981eea78d76e7546b07e8d53c91321f66591b175a41e9149
03fc2304d03a4c61f96b5ce6ecca112bbd65dda43345fff70c70a9c41d9a8d6f
0775d4917222456ee2f689e36ac87f086b31837b6be85ecc603326004e45a1df
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
0bdda5ef4757015206941cfcbf9519c05607fc20cd4c409c6521e65cff647ef3
0fe81303d0e50407aabb041c4c396f9dc788b64487884552f239f3603068259b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
118e6bdf6f27f036c403b4a24d9c7c698fc1400fc1f53e96110f954c3b21c973
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
16bba5b1acc991672a15d2ca47fb64496be23c206a9291b44f6e04747b81694c
1b6d13dbd24cd4242242e1237c1a3f76e1c3bd57109daae3704b13c0fe3da584
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
228e1c3a296e199ef77e3a76c0b9bcde2ac4edde258dca343a44f1502dee6b63
2652f0c7c7b7905018e1a14dd565b946e15d9e7ac92e4b88cfbe54eeda8fa0d6
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2b38583dcbb72adc6457fc9165372c2d21f4fd2a6298bb526f7b69f9df4afec3
2fc8986f1086961a0b730538f1717f4e5d77e57b7fed8cc31fa479ac2f919bca
3291f5b57484b4da143bdb8e190134fd8e4b998b0cf872253a5bbd8dbada7919
37f749e231fa824c2d8036a4d1eb927d409a16295ff3aea9f503435ae6e24903
3b9a915174a988374b206857a7448391fef6baf76001c6552112d0c2472312fc
3bbf7042a9c3a25826cdb15c8ee8f693b07ef3b2e6b37c09ddda3373e19eeeda
3f740bec322db09273c8f659b6d6498f61cef8db1123317f127f4a7c0a26e306
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
48e5903e73c72de9c0a8e081758e67496b123e5cce35f12a81266444ef25f2eb
4cd774eb0302fa7eca2939daf88bd9a9b96981c6112bc2118591dae1cd913bbe
50c8d27e3e975efa929feecf6a8f555f97011991fab377aecd75abf751178a9c
514efefe086e4ebff20cf25d6b411ba7baae887d0f2a40a30bcd9aa297bd3df7
5444ba878bf014814c520ac7f2c282fed4785a6af5c6e404de474685d27da832
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57662dd3a4ef13631b858728c7a21781ada4a3f23b6dca28d8eff748ca556a31
581a133afc4cc6ab2290f7fb22b276e6e10a6466fe400e87be1a0d16e1be5363
594604c48df08a8fb7ee88f0971442f3bd2136b71aeccfabcc3cdca8c97880e5
59a4bfa8291d9c8628abb5cbe45474c8f656f2239d7d8079234e0fc3dfa1c708
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a74f029249c64ca1c0799cadca8ed7a1d2abbac633d0a6d937c372ab9ca5efd
5a87583683c10458464479c3628bb473129f8adfd48a286b68382f81335f1d02
5cd8ad3df84b1ac7593cbee6a221a51e70181d37e7c896ffc3b3a9ce188d21b6
6118fb7d4bea7c51b307e21e4dd29678426dc9ee05f09de43cf4e486905138b0
6268cda0c63c116c8063b698465b0c45bfd2e89c06ceac6d3019ad3ed10e1c0d
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
6c3f0b27f63454b8d1dd071e5ab3887ce3c36f148d4a1f7226f28b1a1d5151ab
6e1f2e0970c3d1d6cdacfecdd613ce1c42990ea5d4a9a85fe6f0700d20a96634
6ea6bde0f0b455e1f0aadd60767ebc8bc3f0f6f7a766599a27f7115cafd83b52
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7a38e6003e7dda2740a7ea004b3f0097134fccd367fd0f742ecb2faa364d4c3a
7d9996b67e023e2c461f16b3cb7e9e337030cfa065f6d25751899695aedee31c
7f6ca4d3aeef97e31517c58bb50345e18d2c58fe9c8c7d3068a0a02ec5bc5db1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8bb14fa8268d01d25d3ecb1847f1dc8662e1f2251fa8b55725fff648c6f6df6f
8be55f09457ef9ce1869d6e49e3c75b6a26c13476a1954f0abe991895be67018
8e92b3b135356faf23e2008985808a01b240192c0eef7425ad5b44d4aab23ce2
94d5ccc2be78d68f7203a5683416be19abcd480a8d4f6d3a30697432276565b3
977fbbeae2b33f7b7f3b4fa90b8f2bb315e2192b89b3cd5044774056528a8e8a
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
a88ee13d2e82bd99ff8c5ac3c2cd52d3a4175f9121e48e30b1683bb80684b711
a90cf7c65dde1f1fc5784dd7f5710b9df23fd73742ce8e4b75545be1fedce14a
aa36f7b55e498e48e34e35e18ada3035fc59a6f1c4e48ae702097cb08ada6689
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
bbf71936d849369ca4f0a0c7d8a99892ba2d6996f69abb170aa85c47113715a5
bd0d94e92d5af6ded38287baf77d44b50d7a5db03e44610f501a868b18dd51ff
bd0f6b03368eee4725e7427529cae4eb97da3fd0aba6290c4e58fadcc3796878
bdd493b2d554581083780f815eeb3a018d4b09c0e69bd758f17595b7cc2b813c
c7e579f24aba05658e994f1e77d0b407d38b005098ae374766c9b5637705adc6
cd3d32705b8bcbcb97645c521eff10a9affa26cf341eafb662492a0cc3a4989e
cf3a778a3f6d6b21a3b340ce5f81698d549ad46b7cc45c262db9bb3b3ec280da
d124b2677c3926aade843a50196c61e8e6bd095b364c893b756ffe3aaeb71bc5
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
da3131399e51d6e888f1979469e95e549b659abfbff3c16deeec5c86ae0dbcea
dd8192f5c28a718f3217a54bdb6e0300dc2e554d1552e1c8cc43e6491bcbc007
de290b509fb7d60851f096416f25322bdfbce6c6a6c29cb837dd0a7589ce63e1
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9414ea85ac8df0b67435681a4da467d3609db416e50b9443fbf4bf102075ae9
e957ab249af745a8b1d531409cc4a72d44e390ec649d4ebdf453c760d428813d
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc741b546a3c05c9cfe8a74fcc40116839709eb8d701c5e031b1507a39bf4822

sleepingbag.originaldefense.com Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

99 %HTTPS

48 %IPv6

26 Domains

33 Subdomains

29 IPs

2 Countries

4429 kBTransfer

8484 kBSize

22 Cookies

1 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

sleepingbag.originaldefense.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

99 %
HTTPS

48 %
IPv6

26
Domains

33
Subdomains

29
IPs

2
Countries

4429 kB
Transfer

8484 kB
Size

22
Cookies

109 HTTP transactions
7 data transactions