www.retire29.com Open in urlscan Pro
143.95.75.215 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Submission: On June 21 via manual (June 21st 2021, 6:11:42 am UTC) from US

Summary HTTP 78 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 17 domains to perform 78 HTTP transactions. The main IP is 143.95.75.215, located in United States and belongs to ASMALLORANGE1, US. The main domain is www.retire29.com.

This is the only time www.retire29.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	143.95.75.215 143.95.75.215	62729 (ASMALLORA...) (ASMALLORANGE1)
6	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1 3	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	70.32.23.71 70.32.23.71	55293 (A2HOSTING) (A2HOSTING)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	184.73.100.94 184.73.100.94	14618 (AMAZON-AES) (AMAZON-AES)
8	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	34.204.113.242 34.204.113.242	14618 (AMAZON-AES) (AMAZON-AES)
1	107.20.140.231 107.20.140.231	14618 (AMAZON-AES) (AMAZON-AES)
12	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
78	23

8 143.95.75.215 (United States)

ASN62729 (ASMALLORANGE1, US)
PTR: ip-143-95-75-215.iplocal

www.retire29.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

apps.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m9m6e2w5.stackpathcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

1.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.235.93 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.32.23.71 (United States)

ASN55293 (A2HOSTING, US)
PTR: mi3-ts4.a2hosting.com

www.modestmoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.73.100.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-100-94.compute-1.amazonaws.com

www.shareaholic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.204.113.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-113-242.compute-1.amazonaws.com

analytics.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.140.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-140-231.compute-1.amazonaws.com

partner.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	229 KB
8	doubleclick.net googleads.g.doubleclick.net	177 KB
8	wp.com i1.wp.com i2.wp.com s0.wp.com stats.wp.com pixel.wp.com	26 KB
8	retire29.com www.retire29.com	256 KB
7	ampproject.org cdn.ampproject.org	124 KB
5	gstatic.com fonts.gstatic.com	74 KB
5	stackpathcdn.com m9m6e2w5.stackpathcdn.com	104 KB
3	google.com 1 redirects adservice.google.com www.google.com	1 KB
3	media.net 1 redirects contextual.media.net lg3.media.net	144 KB
3	shareaholic.com apps.shareaholic.com analytics.shareaholic.com partner.shareaholic.com	5 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	gravatar.com 1.gravatar.com 2.gravatar.com	4 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	659 B
1	shareaholic.net www.shareaholic.net	2 KB
1	modestmoney.com www.modestmoney.com
78	17

	Domain	Requested by
12	tpc.googlesyndication.com	googleads.g.doubleclick.net cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	pagead2.googlesyndication.com	www.retire29.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	www.retire29.com	www.retire29.com m9m6e2w5.stackpathcdn.com
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
5	m9m6e2w5.stackpathcdn.com	apps.shareaholic.com m9m6e2w5.stackpathcdn.com www.retire29.com
3	i1.wp.com	www.retire29.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	contextual.media.net	1 redirects www.retire29.com
2	i2.wp.com	www.retire29.com
2	fonts.googleapis.com	www.retire29.com m9m6e2w5.stackpathcdn.com
1	partner.shareaholic.com	m9m6e2w5.stackpathcdn.com
1	pixel.wp.com	www.retire29.com
1	analytics.shareaholic.com	m9m6e2w5.stackpathcdn.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	lg3.media.net	www.retire29.com
1	www.shareaholic.net	apps.shareaholic.com
1	stats.wp.com	www.retire29.com
1	s0.wp.com	www.retire29.com
1	www.modestmoney.com	www.retire29.com
1	2.gravatar.com	www.retire29.com
1	1.gravatar.com	www.retire29.com
1	apps.shareaholic.com	www.retire29.com
78	27

This site contains links to these domains. Also see Links.

Domain
time.com
en.wikipedia.org
www.carechoice.net.au
www.inssavers.com
www.boostcredit101.com
www.passive-income-pursuit.com
www.facebook.com
www.bluehost.com
www.modestmoney.com
www.mhthemes.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.stackpathcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-31` - `2022-05-31`	a year	crt.sh
*.shareaholic.net R3	`2021-06-11` - `2021-09-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
shareaholic.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.shareaholic.com R3	`2021-06-11` - `2021-09-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Frame ID: 490026191B3C131D02BC35078B12B705
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/zrt_lookup.html
Frame ID: 724B16134D34B2B20AB7A62CB02F4DDA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5779747347442617&output=html&h=280&slotname=4328356287&adk=3779967890&adf=2391313477&pi=t.ma~as.4328356287&w=678&fwrn=4&fwrnh=100&lmt=1624255875&rafmt=1&psa=0&format=678x280&url=http%3A%2F%2Fwww.retire29.com%2Fanyone-can-retire-early-just-look-at-this-loser%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1624255875592&bpp=143&bdt=459&idt=303&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3210477304046&frm=20&pv=2&ga_vid=798938637.1624255876&ga_sid=1624255876&ga_hid=582830327&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060839&oid=3&pvsid=795920342759181&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=TTxG2ADc9D&p=http%3A//www.retire29.com&dtd=321
Frame ID: 157A178369678794F240EC368D70B970
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5779747347442617&output=html&adk=3826760629&adf=1341073466&lmt=1624255875&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.retire29.com%2Fanyone-can-retire-early-just-look-at-this-loser%2F&ea=0&flash=0&pra=7&wgl=1&dt=1624255875936&bpp=2&bdt=802&idt=2&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=678x280&nras=1&correlator=3210477304046&frm=20&pv=1&ga_vid=798938637.1624255876&ga_sid=1624255876&ga_hid=582830327&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060839&oid=3&pvsid=795920342759181&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=17
Frame ID: 776030724C5D71216DD4AB1054DEC217
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5779747347442617&output=html&h=250&slotname=4328356287&adk=1402987441&adf=1307837935&pi=t.ma~as.4328356287&w=326&fwrn=4&fwrnh=100&lmt=1624255875&rafmt=1&psa=0&format=326x250&url=http%3A%2F%2Fwww.retire29.com%2Fanyone-can-retire-early-just-look-at-this-loser%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1624255875813&bpp=12&bdt=680&idt=146&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=678x280%2C0x0&nras=1&correlator=3210477304046&frm=20&pv=1&ga_vid=798938637.1624255876&ga_sid=1624255876&ga_hid=582830327&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=989&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060839&oid=3&pvsid=795920342759181&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NsmcCNYbQ5&p=http%3A//www.retire29.com&dtd=149
Frame ID: B09324B765965F8F3313C1B32FB42E7F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C3368E8479578F13FC4F68D955004EAB
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs
Frame ID: 2BEAF75635084F41DAEAD82AF37C9915
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js
Frame ID: 44089A69B60D0F8A1CC5265B94A668B0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 79619A60079C674A33D656E9CCC007C7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C688A8413922504B3FE92C2852F4EC19
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<link[^>]+s\d+\.wp\.com/i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

78
Requests

81 %
HTTPS

50 %
IPv6

17
Domains

27
Subdomains

23
IPs

3
Countries

1215 kB
Transfer

3059 kB
Size

4
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://time.com/money/4988450/early-retirement-our-next-life-bloggers/
Title: Money

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Godwin%27s_law
Title: Godwin’s Law

Search URL Search Domain Scan URL

URL: https://www.carechoice.net.au/disability-services/supported-independent-living/
Title: supported independent living

Search URL Search Domain Scan URL

URL: https://www.inssavers.com/
Title: insurance

Search URL Search Domain Scan URL

URL: https://www.boostcredit101.com/tradelines/
Title: site

Search URL Search Domain Scan URL

URL: https://www.passive-income-pursuit.com/
Title: JC

Search URL Search Domain Scan URL

URL: https://www.facebook.com/the.real.retire29
Title: Connect on Facebook

Search URL Search Domain Scan URL

URL: http://www.bluehost.com/track/retiret5/
Title:

Search URL Search Domain Scan URL

URL: http://www.modestmoney.com/top-finance-blogs/

Search URL Search Domain Scan URL

URL: http://www.mhthemes.com/
Title: MH Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

http://contextual.media.net/nmedianet.js?cid=8CU4534M2 HTTP 302
https://contextual.media.net/nmedianet.js?cid=8CU4534M2

Request Chain 69

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

78 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/ 33 KB
11 KB 2105ms
1692ms Document
text/html 143.95.75.215
ASMALLORANGE1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Protocol: HTTP/1.1
Server: 143.95.75.215 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS: ip-143-95-75-215.iplocal
Software: nginx/1.18.0 /
Resource Hash: 5c21cc9d616dfc57d041e25321949df844218d9f269ba5137197e9ce79366e04

Request headers

Host: www.retire29.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.18.0
Date: Mon, 21 Jun 2021 06:11:15 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 10870
Connection: keep-alive
X-UA-Compatible: IE=edge
X-Pingback: http://www.retire29.com/xmlrpc.php
Link: <http://www.retire29.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/p54cJq-GM>; rel=shortlink
Referrer-Policy
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK shareaholic.js Show response
apps.shareaholic.com/assets/pub/ 9 KB
4 KB 57ms
42ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: http://apps.shareaholic.com/assets/pub/shareaholic.js
Requested by: Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Protocol: HTTP/1.1
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e41b5c219c3dd6a023fc44ec280a9f6f0ff03c26d1bf3a4e3a543e262cbf1a4

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 06:11:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Jun 2021 17:01:21 GMT
Server: nginx
x-amz-request-id: JFC3T21XWCPBEZ2V
ETag: "f38fd1472abcd1f5e8561ceda2c8341e"
X-HW: 1624255875.cds130.fr8.h2,1624255875.cds250.fr8.c
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1200, public
Connection: keep-alive
Accept-Ranges: bytes
X-Hello-Human: Join the fun! Apply at www.shareaholic.com/jobs
Content-Length: 3707
x-amz-id-2: p//YtiJtOOVkKbxgdawHXTluDBb3CGpz3I4qseGFpLC5AKoWscQ2PO3JBwUOtDyfpFC/yhe6zZo=

GET
H/1.1 200
OK autoptimize_0a48dd3f5db2fead98799bcc81f16595.css
www.retire29.com/wp-content/cache/autoptimize/css/ 223 KB
62 KB 164ms
163ms Stylesheet
text/css 143.95.75.215
ASMALLORANGE1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.retire29.com/wp-content/cache/autoptimize/css/autoptimize_0a48dd3f5db2fead98799bcc81f16595.css
Requested by: Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Protocol: HTTP/1.1
Server: 143.95.75.215 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS: ip-143-95-75-215.iplocal
Software: nginx/1.18.0 /
Resource Hash: 86c6951054a3d12cf7ae329c975568361b133690e19f5090058e4a7dce86bfd0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.retire29.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 06:11:15 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Thu, 11 Mar 2021 06:17:25 GMT
Server: nginx/1.18.0
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=30672000, public, immutable
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sat, 11 Jun 2022 06:11:15 GMT

GET
H/1.1 200
OK dashicons.min.css
www.retire29.com/wp-includes/css/ 45 KB
28 KB 312ms
299ms Stylesheet
text/css 143.95.75.215
ASMALLORANGE1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.retire29.com/wp-includes/css/dashicons.min.css?ver=4.9.16
Requested by: Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Protocol: HTTP/1.1
Server: 143.95.75.215 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS: ip-143-95-75-215.iplocal
Software: nginx/1.18.0 /
Resource Hash: d0df2ff25fded9e43a0cfa5159393d4482725bfb390e8ca94f34da85b5304117

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.retire29.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 06:11:15 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Tue, 24 Jul 2018 05:12:48 GMT
Server: nginx/1.18.0
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28645

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 35ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Requested by

Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8e4c6e21c4dc4230954cf7338212d2d72d95f47c5321d165706dbf4a14bca843

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 05:45:58 GMT
server: ESF
date: Mon, 21 Jun 2021 06:11:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Jun 2021 06:11:15 GMT

GET
H/1.1 200
OK cropped-Retire29-Banner1.jpg
www.retire29.com/wp-content/uploads/2015/09/ 84 KB
84 KB 163ms
159ms Image
image/jpeg 143.95.75.215
ASMALLORANGE1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.retire29.com/wp-content/uploads/2015/09/cropped-Retire29-Banner1.jpg
Requested by: Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Protocol: HTTP/1.1
Server: 143.95.75.215 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS: ip-143-95-75-215.iplocal
Software: nginx/1.18.0 /
Resource Hash: 5ab0d2a08c2a2adb6f9f1cda7aaa0698795e3e0277fde16030d0213bee59d60a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.retire29.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 06:11:15 GMT
Referrer-Policy
Last-Modified: Mon, 24 Jul 2017 15:15:59 GMT
Server: nginx/1.18.0
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 86247

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 30ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3796cf12ca9b6f5f93255046f5bf7d70a82c6b389698ed6c007903940c17c5ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 21 Jun 2021 06:11:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2918852401321146490
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 48867
X-XSS-Protection: 0
Expires: Mon, 21 Jun 2021 06:11:15 GMT

GET
H2 200 Im-33-Years-Old.jpg
i1.wp.com/www.retire29.com/wp-content/uploads/2018/07/ 10 KB
10 KB 132ms
83ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.retire29.com/wp-content/uploads/2018/07/Im-33-Years-Old.jpg?resize=80%2C60

Requested by

Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

79e2d84feaa3f917ed7be08901e5e155d0b036438f3f4745e80733f908d4cc35

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Mon, 21 Jun 2021 06:11:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Jun 2021 06:11:15 GMT
server: nginx
etag: "88865bf81fc317e0"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.retire29.com/wp-content/uploads/2018/07/Im-33-Years-Old.jpg>; rel="canonical"
content-length: 9838
expires: Wed, 21 Jun 2023 18:11:15 GMT

GET
H/1.1 200
OK d99f6a8df21fdfac01a25cf209c93032
1.gravatar.com/avatar/ 2 KB
2 KB 157ms
147ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://1.gravatar.com/avatar/d99f6a8df21fdfac01a25cf209c93032?s=80&d=identicon&r=x
Requested by: Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Protocol: HTTP/1.1
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca694aaafd1163f69c80f7456a8dc8bab473edccdcfc24949d99e46bbdaa050c

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-nc: MISS hhn 2
Date: Mon, 21 Jun 2021 06:11:15 GMT
Last-Modified: Wed, 11 Jan 1984 08:00:00 GMT
Server: nginx
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Link: <https://www.gravatar.com/avatar/d99f6a8df21fdfac01a25cf209c93032?s=80&d=identicon&r=x>; rel="canonical"
Content-Length: 2042
Expires: Mon, 21 Jun 2021 06:16:15 GMT

GET
H/1.1 200
OK CL91_default.png
www.retire29.com/wp-content/plugins/commentluv/images/ 4 KB
4 KB 303ms
288ms Image
image/png 143.95.75.215
ASMALLORANGE1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.retire29.com/wp-content/plugins/commentluv/images/CL91_default.png
Requested by: Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Protocol: HTTP/1.1
Server: 143.95.75.215 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS: ip-143-95-75-215.iplocal
Software: nginx/1.18.0 /
Resource Hash: 91679a11226f9c1be4c725632668c3a21b8b20b5a3da0843a61ee7cfeedd2adb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.retire29.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 06:11:15 GMT
Referrer-Policy
Last-Modified: Mon, 24 Jul 2017 15:07:36 GMT
Server: nginx/1.18.0
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4224

GET
H/1.1 200
OK down-arrow.gif
www.retire29.com/wp-content/plugins/commentluv/images/ 124 B
359 B 308ms
293ms Image
image/gif 143.95.75.215
ASMALLORANGE1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.retire29.com/wp-content/plugins/commentluv/images/down-arrow.gif
Requested by: Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Protocol: HTTP/1.1
Server: 143.95.75.215 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS: ip-143-95-75-215.iplocal
Software: nginx/1.18.0 /
Resource Hash: e4ba631e34d2dbd017a682454ba0eac410f45b020600a650a6047c7a0df23d52

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.retire29.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 06:11:15 GMT
Referrer-Policy
Last-Modified: Mon, 24 Jul 2017 15:07:37 GMT
Server: nginx/1.18.0
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 124

GET
H2 200 Puppy-christmas-free-license-cc0-314x224.jpg
i2.wp.com/www.retire29.com/wp-content/uploads/2015/01/ 662 B
995 B 68ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.retire29.com/wp-content/uploads/2015/01/Puppy-christmas-free-license-cc0-314x224.jpg?fit=314%2C224&resize=40%2C40

Requested by

Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

0a329d4e9223455584c339875ab9560874921dee96e298aab067f2e7795d3523

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Mon, 21 Jun 2021 06:11:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Jun 2021 08:53:55 GMT
server: nginx
etag: "4ee1891034cb3a22"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.retire29.com/wp-content/uploads/2015/01/Puppy-christmas-free-license-cc0-314x224.jpg>; rel="canonical"
content-length: 662
expires: Sat, 10 Jun 2023 20:53:55 GMT

GET
H2 200 3-Stocks-You-Can-Own-Forever.png
i2.wp.com/www.retire29.com/wp-content/uploads/2016/04/ 2 KB
3 KB 117ms
70ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/www.retire29.com/wp-content/uploads/2016/04/3-Stocks-You-Can-Own-Forever.png?fit=1024%2C768&resize=40%2C40

Requested by

Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

4df1ce5fc80c34d790e52b83e94602fedcd11f3715c3902ddd24e3003d65242b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Mon, 21 Jun 2021 06:11:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Jun 2021 06:11:15 GMT
server: nginx
etag: "5254ce5c0fa00d40"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.retire29.com/wp-content/uploads/2016/04/3-Stocks-You-Can-Own-Forever.png>; rel="canonical"
content-length: 2448
expires: Wed, 21 Jun 2023 18:11:15 GMT

GET
H2 200 Before-You-Step-First-Look-Where-Youre-Standing.png
i1.wp.com/www.retire29.com/wp-content/uploads/2016/03/ 2 KB
3 KB 1169ms
1160ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/www.retire29.com/wp-content/uploads/2016/03/Before-You-Step-First-Look-Where-Youre-Standing.png?fit=800%2C800&resize=40%2C40

Requested by

Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

37667c6ccf601e16a9fe91b18b44806c45351df0a73870ec30a71852e7f96716

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Mon, 21 Jun 2021 06:11:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Jun 2021 06:11:16 GMT
server: nginx
etag: "a950e2f09216b849"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.retire29.com/wp-content/uploads/2016/03/Before-You-Step-First-Look-Where-Youre-Standing.png>; rel="canonical"
content-length: 2510
expires: Wed, 21 Jun 2023 18:11:16 GMT

GET
H/1.1 200
OK 5bedf918dd270501ae8de5a181bba41c
2.gravatar.com/avatar/ 2 KB
2 KB 13ms
7ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://2.gravatar.com/avatar/5bedf918dd270501ae8de5a181bba41c?s=40&d=identicon&r=x
Requested by: Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Protocol: HTTP/1.1
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a0c4236a83c25b5425dedcd337161c790e99e8b4f2ad31c530747cf974ae339

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-nc: HIT hhn 1
Date: Mon, 21 Jun 2021 06:11:15 GMT
Last-Modified: Thu, 11 Jun 2015 20:56:35 GMT
Server: nginx
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Content-Disposition: inline; filename="5bedf918dd270501ae8de5a181bba41c.jpeg"
Connection: keep-alive
Accept-Ranges: bytes
Link: <https://www.gravatar.com/avatar/5bedf918dd270501ae8de5a181bba41c?s=40&d=identicon&r=x>; rel="canonical"
Content-Length: 1586
Expires: Mon, 21 Jun 2021 06:16:15 GMT

GET
H2

200

nmedianet.js Show response
contextual.media.net/
Redirect Chain

http://contextual.media.net/nmedianet.js?cid=8CU4534M2
https://contextual.media.net/nmedianet.js?cid=8CU4534M2

443 KB
144 KB

152ms
100ms

Script
text/javascript

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU4534M2

Requested by

Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

788e4bf52dc4f31715dcfbfea31592ec6667aca22bc0671dc90a9a31e199b722

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h: 8-9
content-encoding: gzip
server: Apache
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag: "f244828ce53374dea6b21a574f94e9dc"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Mon, 21 Jun 2021 06:11:15 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-33
expires: Mon, 21 Jun 2021 06:16:15 GMT

Redirect headers

Location: https://contextual.media.net/nmedianet.js?cid=8CU4534M2
Date: Mon, 21 Jun 2021 06:11:15 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=604800

GET
H2 200 bh-120x120-03-dy.png
i1.wp.com/bluehost-cdn.com/media/partner/images/retiret5/120x120/ 3 KB
4 KB 22ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bluehost-cdn.com/media/partner/images/retiret5/120x120/bh-120x120-03-dy.png

Requested by

Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

1950966d81d025096a4d66e30fd06d8c29226809c7a4efdf2eafc3a236c7e7ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Mon, 21 Jun 2021 06:11:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Jun 2021 08:53:55 GMT
server: nginx
etag: "433211430cc0c6b2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://bluehost-cdn.com/media/partner/images/retiret5/120x120/bh-120x120-03-dy.png>; rel="canonical"
content-length: 3410
expires: Sat, 10 Jun 2023 20:53:55 GMT

GET
H/1.1 200
OK badge_gen.php
www.modestmoney.com/image5/ 0
0 278ms
248ms Image
text/html 70.32.23.71
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.modestmoney.com/image5/badge_gen.php?id=656
Requested by: Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Protocol: HTTP/1.1
Server: 70.32.23.71 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: mi3-ts4.a2hosting.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 devicepx-jetpack.js Show response
s0.wp.com/wp-content/js/ 10 KB
3 KB 67ms
19ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202125
Requested by: Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 21 Jun 2021 06:11:15 GMT
content-encoding: gzip
server: nginx
etag: W/"5867460b-52b6"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 2.hhn _dfw
timing-allow-origin: *
expires: Mon, 20 Jun 2022 15:30:52 GMT

GET
H2 200 e-202125.js Show response
stats.wp.com/ 9 KB
3 KB 62ms
19ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202125.js
Requested by: Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn
date: Mon, 21 Jun 2021 06:11:15 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 12 Jun 2022 22:18:06 GMT

GET
H2 200 main.js Show response
m9m6e2w5.stackpathcdn.com/v2/887a62c5/ 177 KB
51 KB 84ms
28ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/887a62c5/main.js
Requested by: Host: apps.shareaholic.com
URL: http://apps.shareaholic.com/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 8b861ec53a159fcebc757130acfed28809f7a4575195c3d4efd99d0208dff289

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 06:11:15 GMT
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 17:01:18 GMT
server: nginx
x-amz-request-id: SQSZ0RX79RQE9PXJ
etag: "b0e38b552bbf9efbb98955b4bd297ff4"
x-hw: 1624255875.cds055.fr8.hn,1624255875.cds222.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 52297
x-amz-id-2: tgye0X+vcAl3Dq82kLZnbi1j7AIYJ4xHVMBrx6TEhMQIpLFEZIQXIUaa940fc44AVLOc6fWi62A=

GET
H2 200 7d7453b6092fdd90424372eb376b83b1.json Show response
www.shareaholic.net/config/ 11 KB
2 KB 419ms
139ms XHR
application/json 184.73.100.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shareaholic.net/config/7d7453b6092fdd90424372eb376b83b1.json
Requested by: Host: apps.shareaholic.com
URL: http://apps.shareaholic.com/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.73.100.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-100-94.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4d8c02e01019953b9b4bd151e08045720496db3367e7b494623cfa0a8f286843

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo-country: CZ,Czechia
date: Sun, 20 Jun 2021 10:01:23 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-length: 1599
server: nginx
x-client-geo-region
x-client-geo-metrocode
etag: W/"4d8c02e01019953b9b4bd151e0804572"
access-control-max-age: 2000
x-client-geo-city
x-varnish: 469049113 450220988
via: 1.1 varnish (Varnish/6.0)
access-control-expose-headers: Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
cache-control: max-age=3, public, must-revalidate
x-client-geo-zip
accept-ranges: bytes
content-type: application/json
access-control-allow-headers: *
x-client-geo-latlong: 50.084800,14.411200

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/ Frame 724B 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210616/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.retire29.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.retire29.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 20 Jun 2021 19:18:49 GMT
expires: Sun, 04 Jul 2021 19:18:49 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 39146
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 39ms
16ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.retire29.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 17:35:44 GMT
x-content-type-options: nosniff
age: 131731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 17:35:44 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.retire29.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 05:33:17 GMT
x-content-type-options: nosniff
age: 175078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 05:33:17 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.retire29.com/wp-content/themes/mh-magazine-lite/fonts/ 65 KB
65 KB 309ms
296ms Font
application/octet-stream 143.95.75.215
ASMALLORANGE1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.retire29.com/wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: www.retire29.com
URL: http://www.retire29.com/wp-content/cache/autoptimize/css/autoptimize_0a48dd3f5db2fead98799bcc81f16595.css
Protocol: HTTP/1.1
Server: 143.95.75.215 , United States, ASN62729 (ASMALLORANGE1, US),
Reverse DNS: ip-143-95-75-215.iplocal
Software: nginx/1.18.0 /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Pragma: no-cache
Origin: http://www.retire29.com
Accept-Encoding: gzip, deflate
Host: www.retire29.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.retire29.com/wp-content/cache/autoptimize/css/autoptimize_0a48dd3f5db2fead98799bcc81f16595.css
Connection: keep-alive
Cache-Control: no-cache
Origin: http://www.retire29.com
Referer: http://www.retire29.com/wp-content/cache/autoptimize/css/autoptimize_0a48dd3f5db2fead98799bcc81f16595.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 06:11:15 GMT
Content-Encoding: gzip
Referrer-Policy
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/plain

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 34ms
12ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.retire29.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 07:00:55 GMT
x-content-type-options: nosniff
age: 169820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 07:00:55 GMT

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v20/ 13 KB
14 KB 35ms
13ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.retire29.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 20:36:54 GMT
x-content-type-options: nosniff
age: 120861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13792
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:17 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 20:36:54 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/ 233 KB
87 KB 48ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5779747347442617&plah=www.retire29.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 06:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88106
x-xss-protection: 0
server: cafe
etag: 14514754445097133811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 21 Jun 2021 06:11:15 GMT

GET
H2 200 flping.php
lg3.media.net/ 35 B
189 B 34ms
27ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/flping.php?pid=8POH18U68&prid=8PRHGG6T9&gdpr=1&action=16&reason=9&cid=8CU4534M2&cc=CZ&ugd=4&requrl=http%253A%252F%252Fwww.retire29.com%252Fanyone-can-retire-early-just-look-at-this-loser%252F&domain=www.retire29.com&vi=1624255875934964738&hvsid=00001624255875862015054758405318&gdpr=1&vgd_end=1

Requested by

Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Mon, 21 Jun 2021 06:11:15 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 21 Jun 2021 06:11:15 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
659 B 84ms
30ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.retire29.com&callback=_gfp_s_&client=ca-pub-5779747347442617

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5779747347442617&plah=www.retire29.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

10db628aae7e1b67199cb4bb95e926c990de0d232a30c7c9683da4e4fbb054b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 06:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.retire29.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 06:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.retire29.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 06:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 157A 327 KB
150 KB 610ms
610ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5779747347442617&output=html&h=280&slotname=4328356287&adk=3779967890&adf=2391313477&pi=t.ma~as.4328356287&w=678&fwrn=4&fwrnh=100&lmt=1624255875&rafmt=1&psa=0&format=678x280&url=http%3A%2F%2Fwww.retire29.com%2Fanyone-can-retire-early-just-look-at-this-loser%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1624255875592&bpp=143&bdt=459&idt=303&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3210477304046&frm=20&pv=2&ga_vid=798938637.1624255876&ga_sid=1624255876&ga_hid=582830327&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060839&oid=3&pvsid=795920342759181&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=TTxG2ADc9D&p=http%3A//www.retire29.com&dtd=321

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

755dcf0b78f6d8f12f3a4eb688e28195a80d3e60ed2c302813387f29899d9032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5779747347442617&output=html&h=280&slotname=4328356287&adk=3779967890&adf=2391313477&pi=t.ma~as.4328356287&w=678&fwrn=4&fwrnh=100&lmt=1624255875&rafmt=1&psa=0&format=678x280&url=http%3A%2F%2Fwww.retire29.com%2Fanyone-can-retire-early-just-look-at-this-loser%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1624255875592&bpp=143&bdt=459&idt=303&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3210477304046&frm=20&pv=2&ga_vid=798938637.1624255876&ga_sid=1624255876&ga_hid=582830327&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060839&oid=3&pvsid=795920342759181&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=TTxG2ADc9D&p=http%3A//www.retire29.com&dtd=321
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.retire29.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.retire29.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 21 Jun 2021 06:11:16 GMT
server: cafe
content-length: 152907
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 21-Jun-2021 06:26:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 21 Jun 2021 06:11:16 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 06:11:15 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Mon, 21 Jun 2021 06:11:15 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 38ms
38ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-5779747347442617&c=8&e=2570847921467975139&n=0&t=0&w=1708&x=3

Requested by

Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Jun 2021 06:11:15 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 e
analytics.shareaholic.com/ 43 B
380 B 354ms
116ms Ping
image/gif 34.204.113.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.shareaholic.com/e

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/887a62c5/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.113.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-113-242.compute-1.amazonaws.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	referrer always

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 06:11:16 GMT
vary: Origin
p3p: CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
access-control-allow-origin: http://www.retire29.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
referer-policy: unsafe-url
content-security-policy: referrer always
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7760 0
19 B 16ms
15ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5779747347442617&output=html&adk=3826760629&adf=1341073466&lmt=1624255875&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.retire29.com%2Fanyone-can-retire-early-just-look-at-this-loser%2F&ea=0&flash=0&pra=7&wgl=1&dt=1624255875936&bpp=2&bdt=802&idt=2&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=678x280&nras=1&correlator=3210477304046&frm=20&pv=1&ga_vid=798938637.1624255876&ga_sid=1624255876&ga_hid=582830327&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060839&oid=3&pvsid=795920342759181&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=17

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5779747347442617&output=html&adk=3826760629&adf=1341073466&lmt=1624255875&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.retire29.com%2Fanyone-can-retire-early-just-look-at-this-loser%2F&ea=0&flash=0&pra=7&wgl=1&dt=1624255875936&bpp=2&bdt=802&idt=2&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=678x280&nras=1&correlator=3210477304046&frm=20&pv=1&ga_vid=798938637.1624255876&ga_sid=1624255876&ga_hid=582830327&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060839&oid=3&pvsid=795920342759181&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=17
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.retire29.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.retire29.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 21 Jun 2021 06:11:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 21-Jun-2021 06:26:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 21 Jun 2021 06:11:15 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B093 61 KB
22 KB 549ms
548ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5779747347442617&output=html&h=250&slotname=4328356287&adk=1402987441&adf=1307837935&pi=t.ma~as.4328356287&w=326&fwrn=4&fwrnh=100&lmt=1624255875&rafmt=1&psa=0&format=326x250&url=http%3A%2F%2Fwww.retire29.com%2Fanyone-can-retire-early-just-look-at-this-loser%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1624255875813&bpp=12&bdt=680&idt=146&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=678x280%2C0x0&nras=1&correlator=3210477304046&frm=20&pv=1&ga_vid=798938637.1624255876&ga_sid=1624255876&ga_hid=582830327&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=989&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060839&oid=3&pvsid=795920342759181&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NsmcCNYbQ5&p=http%3A//www.retire29.com&dtd=149

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c80a31a680b5547d22649f60f98c9eb4392fde54666decaaf4037476c9540760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5779747347442617&output=html&h=250&slotname=4328356287&adk=1402987441&adf=1307837935&pi=t.ma~as.4328356287&w=326&fwrn=4&fwrnh=100&lmt=1624255875&rafmt=1&psa=0&format=326x250&url=http%3A%2F%2Fwww.retire29.com%2Fanyone-can-retire-early-just-look-at-this-loser%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1624255875813&bpp=12&bdt=680&idt=146&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=678x280%2C0x0&nras=1&correlator=3210477304046&frm=20&pv=1&ga_vid=798938637.1624255876&ga_sid=1624255876&ga_hid=582830327&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=989&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060839&oid=3&pvsid=795920342759181&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NsmcCNYbQ5&p=http%3A//www.retire29.com&dtd=149
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.retire29.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.retire29.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 21 Jun 2021 06:11:16 GMT
server: cafe
content-length: 22861
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 21-Jun-2021 06:26:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 21 Jun 2021 06:11:16 GMT
cache-control: private

GET
H/1.1 200
OK g.gif
pixel.wp.com/ 50 B
215 B 40ms
27ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.wp.com/g.gif?v=ext&j=1%3A6.3.2&blog=74883936&post=2652&tz=-4&srv=www.retire29.com&host=www.retire29.com&ref=&fcp=2794&rand=0.17215268705094378
Requested by: Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Protocol: HTTP/1.1
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 06:11:15 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Length: 50
Content-Type: image/gif

GET
H2 200 sharebuttons.js Show response
m9m6e2w5.stackpathcdn.com/v2/887a62c5/ 138 KB
29 KB 28ms
28ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/887a62c5/sharebuttons.js
Requested by: Host: apps.shareaholic.com
URL: http://apps.shareaholic.com/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 2d7f69569a48ee858f5c13abb9a549b189cf265f51c1bd7a831a348f8a578d20

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 06:11:16 GMT
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 17:01:18 GMT
server: nginx
x-amz-request-id: JFCC39Q8HT65ATFP
etag: "3cbd31336004f77a1c3890ac72027085"
x-hw: 1624255876.cds055.fr8.hn,1624255876.cds141.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 29967
x-amz-id-2: mJUiEDfBy2AmFqsYuknhNE7Ds8qYPJGzEXRlPSsoglfvSRd6c+ubiM+DsKP54ijyKy1kWHOt/NY=

GET
H2 200 partners.js Show response
partner.shareaholic.com/ 0
265 B 358ms
127ms Script
application/javascript 107.20.140.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fwww.retire29.com%2Fanyone-can-retire-early-just-look-at-this-loser%2F&cl=en-US&id_sync=4cf5a70b-24a0-4343-9824-fd9afe941f44&minify=1&site=7d7453b6092fdd90424372eb376b83b1
Requested by: Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/887a62c5/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.140.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-140-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 06:11:16 GMT
vary: Accept-Encoding, User-Agent
p3p: CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript;charset=utf-8
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 422 B
427 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Shadows+Into%20Light&display=swap

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/887a62c5/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75933255bb57864e50e41474bc6d67a2ea442d88c63dea7e4b50627d40cc0446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 04:26:56 GMT
server: ESF
date: Mon, 21 Jun 2021 06:11:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Jun 2021 06:11:16 GMT

GET
H2 200 arrow_version_1.svg Show response
m9m6e2w5.stackpathcdn.com/v2/images_0ecbeeff/share-buttons/share-arrows/1/ 2 KB
1 KB 85ms
31ms Fetch
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/images_0ecbeeff/share-buttons/share-arrows/1/arrow_version_1.svg
Requested by: Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/887a62c5/sharebuttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 79749f1725bf191cef4de7f1f92caa16a676b733221a74bc78af82bbc77b3dc1

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 06:11:16 GMT
content-encoding: gzip
x-amz-request-id: SQST67K480BP6JW3
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
content-length: 992
x-amz-id-2: FxOP3jp1JGyB1uFln2Fa3lX9k2eJBvN5ZTNjonmxiWRJvcO0qBLm8rflHv+NYBbk5AgB0EGV6bg=
last-modified: Mon, 17 May 2021 22:31:36 GMT
server: nginx
etag: "65040d5636978b7e56e7db1e463c43f6"
access-control-max-age: 2000
x-hw: 1624255876.cds053.fr8.hn,1624255876.cds013.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: ETag, Access-Control-Allow-Origin
cache-control: max-age=31536000, public
accept-ranges: bytes

GET
H3-29 200 UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2
fonts.gstatic.com/s/shadowsintolight/v10/ 16 KB
16 KB 21ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/shadowsintolight/v10/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Shadows+Into%20Light&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7106ac4056a90e6943627d4c041fca5fc4b60312211715a455f5dddf29bf108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.retire29.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 13:17:02 GMT
x-content-type-options: nosniff
age: 147254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16288
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:51:13 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 13:17:02 GMT

GET
H2 200 shareaholic-icons.woff
m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/ 20 KB
21 KB 80ms
31ms Font
font/woff 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/shareaholic-icons.woff
Requested by: Host: www.retire29.com
URL: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c

Request headers

Origin: http://www.retire29.com
Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 06:11:16 GMT
content-encoding: gzip
x-amz-request-id: SQSS89YM6W7DS6DM
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
content-length: 20572
x-amz-id-2: u2qSe5CsOofn3ZuFbbEihw9g99HWCP4J2Q+Vxofj262Q7ty6IaIygpMcFX+mb7FjxWAl8X9si0Q=
last-modified: Mon, 17 May 2021 22:31:36 GMT
server: nginx
etag: "0e26e8e2b7a79ff2a9e9fe9ef5382e6d"
access-control-max-age: 2000
x-hw: 1624255876.cds053.fr8.hn,1624255876.cds254.fr8.c
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: ETag, Access-Control-Allow-Origin
cache-control: max-age=31536000, public
accept-ranges: bytes

GET
H2 200 arrow_version_1.svg Show response
m9m6e2w5.stackpathcdn.com/v2/images_0ecbeeff/share-buttons/share-arrows/1/ 2 KB
1 KB 66ms
38ms Fetch
image/svg+xml 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/images_0ecbeeff/share-buttons/share-arrows/1/arrow_version_1.svg
Requested by: Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/887a62c5/sharebuttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 79749f1725bf191cef4de7f1f92caa16a676b733221a74bc78af82bbc77b3dc1

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 06:11:16 GMT
content-encoding: gzip
x-amz-request-id: SQST67K480BP6JW3
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
content-length: 992
x-amz-id-2: FxOP3jp1JGyB1uFln2Fa3lX9k2eJBvN5ZTNjonmxiWRJvcO0qBLm8rflHv+NYBbk5AgB0EGV6bg=
last-modified: Mon, 17 May 2021 22:31:36 GMT
server: nginx
etag: "65040d5636978b7e56e7db1e463c43f6"
access-control-max-age: 2000
x-hw: 1624255876.cds053.fr8.hn,1624255876.cds013.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: ETag, Access-Control-Allow-Origin
cache-control: max-age=31536000, public
accept-ranges: bytes

GET
H/1.1 200
OK admin-ajax.php Show response
www.retire29.com/wp-admin/ 73 B
538 B 1062ms
1062ms Fetch
application/json 143.95.75.215
ASMALLORANGE1

General

Check archive.org

Show headers Download Go to

Full URL

http://www.retire29.com/wp-admin/admin-ajax.php?action=shareaholic_share_counts_api&url=http%3A%2F%2Fwww.retire29.com%2Fanyone-can-retire-early-just-look-at-this-loser%2F&services%5B%5D=twitter&services%5B%5D=facebook&services%5B%5D=pinterest

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/887a62c5/main.js

Protocol

HTTP/1.1

Server

143.95.75.215 , United States, ASN62729 (ASMALLORANGE1, US),

Reverse DNS

ip-143-95-75-215.iplocal

Software

nginx/1.18.0 /

Resource Hash

42998baf457e4f37f9b171fabe977dcfe609a403582aa671955b489b651984d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.retire29.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
Cookie: session_depth=www.retire29.com%3D1%7C%3D1; __gads=ID=10a207e712843885-224d2d0c0ec9003d:T=1624255875:RT=1624255875:S=ALNI_MYRnqOmylo6vM_tVSKWExvSkUjHYQ
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.retire29.com/anyone-can-retire-early-just-look-at-this-loser/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 06:11:17 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=180
Connection: keep-alive
X-Robots-Tag: noindex
Vary: Accept-Encoding
Content-Length: 83
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 9756258966417124820
tpc.googlesyndication.com/simgad/ Frame B093 32 KB
32 KB 34ms
13ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9756258966417124820?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlIWzqDf2DXf9E6nQUn04bMNXusMA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5779747347442617&output=html&h=250&slotname=4328356287&adk=1402987441&adf=1307837935&pi=t.ma~as.4328356287&w=326&fwrn=4&fwrnh=100&lmt=1624255875&rafmt=1&psa=0&format=326x250&url=http%3A%2F%2Fwww.retire29.com%2Fanyone-can-retire-early-just-look-at-this-loser%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1624255875813&bpp=12&bdt=680&idt=146&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=678x280%2C0x0&nras=1&correlator=3210477304046&frm=20&pv=1&ga_vid=798938637.1624255876&ga_sid=1624255876&ga_hid=582830327&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=989&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060839&oid=3&pvsid=795920342759181&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NsmcCNYbQ5&p=http%3A//www.retire29.com&dtd=149

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a507777da05d355135e1150a08714f05b6a9225dda02b7f8ade5d59a26dfff15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 03:35:33 GMT
x-content-type-options: nosniff
last-modified: Sat, 06 Mar 2021 00:43:42 GMT
server: sffe
age: 182143
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33041
x-xss-protection: 0
expires: Sun, 19 Jun 2022 03:35:33 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/ Frame B093 17 KB
7 KB 30ms
10ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b886992795015ddf192ba7c46ea89376cef0fec304d850d735da268c332226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 06:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7072
x-xss-protection: 0
server: cafe
etag: 14457676323939599074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 06:02:39 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame B093 3 KB
2 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 06:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 06:10:41 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B093 122 KB
37 KB 32ms
16ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 06:11:16 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Mon, 21 Jun 2021 06:11:16 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame B093 13 KB
6 KB 30ms
12ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 06:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 06:06:05 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame B093 25 KB
11 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a783598f3cc86a4d73a813cedd5f6cbdf85ab7b95c4d40944a30c833071aa18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 16:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10657
x-xss-protection: 0
server: cafe
etag: 7233769875026612745
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Jul 2021 16:14:48 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B093 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdflRgy3QYKraO5SR7gPZ46uAA8TWh_piwaWLmt0Nv-EeEAEghZbKJGCViriCyAegAZuI0Z8DyAECqQLiB2L-duezPqgDAcgDyQSqBOIBT9CVbfigGmXwqR8JVNtz_g_R3ezJgcC1OAbJUvxMKsT1VIWgPrN8Reo9oPXNyRwRlmtaQOgf7TazomTF0k6MW14eyGZu_PXbzzWpRI4Aq413-YeopeheM5E0hol1WVXC5mVe_jDSNouJzVMKeJixXClhlvgf5378cQ6DhRNhbfiWnYOx4s1KpRsJLv7ahZNHBbhsVfuwLuFYWwbXg23PVf9CVZGC_dD4UZDsFSECnzUz6CrdokmBc-5LDY8jcBCtWwqLc9ffrufHfbNAMenq6Wnz2g7sHMNqcmYmpfHZ0T_cp8AEyrrolYkDkgUECAQYAZIFBAgFGASgBgKAB833rmCoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQpdIp0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBmBYBgBcBshcaChgIABIUcHViLTU3Nzk3NDczNDc0NDI2MTc&sigh=VGeotZvaGuI

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5779747347442617&output=html&h=250&slotname=4328356287&adk=1402987441&adf=1307837935&pi=t.ma~as.4328356287&w=326&fwrn=4&fwrnh=100&lmt=1624255875&rafmt=1&psa=0&format=326x250&url=http%3A%2F%2Fwww.retire29.com%2Fanyone-can-retire-early-just-look-at-this-loser%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1624255875813&bpp=12&bdt=680&idt=146&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=678x280%2C0x0&nras=1&correlator=3210477304046&frm=20&pv=1&ga_vid=798938637.1624255876&ga_sid=1624255876&ga_hid=582830327&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=989&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060839&oid=3&pvsid=795920342759181&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NsmcCNYbQ5&p=http%3A//www.retire29.com&dtd=149
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 21 Jun 2021 06:11:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 21 Jun 2021 06:11:16 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 157A 67 B
196 B 17ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5779747347442617&output=html&h=280&slotname=4328356287&adk=3779967890&adf=2391313477&pi=t.ma~as.4328356287&w=678&fwrn=4&fwrnh=100&lmt=1624255875&rafmt=1&psa=0&format=678x280&url=http%3A%2F%2Fwww.retire29.com%2Fanyone-can-retire-early-just-look-at-this-loser%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1624255875592&bpp=143&bdt=459&idt=303&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3210477304046&frm=20&pv=2&ga_vid=798938637.1624255876&ga_sid=1624255876&ga_hid=582830327&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060839&oid=3&pvsid=795920342759181&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=TTxG2ADc9D&p=http%3A//www.retire29.com&dtd=321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 13:57:45 GMT
x-content-type-options: nosniff
server: cafe
age: 58411
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Mon, 21 Jun 2021 13:57:45 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C336 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5779747347442617&output=html&h=250&slotname=4328356287&adk=1402987441&adf=1307837935&pi=t.ma~as.4328356287&w=326&fwrn=4&fwrnh=100&lmt=1624255875&rafmt=1&psa=0&format=326x250&url=http%3A%2F%2Fwww.retire29.com%2Fanyone-can-retire-early-just-look-at-this-loser%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1624255875813&bpp=12&bdt=680&idt=146&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=678x280%2C0x0&nras=1&correlator=3210477304046&frm=20&pv=1&ga_vid=798938637.1624255876&ga_sid=1624255876&ga_hid=582830327&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=989&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060839&oid=3&pvsid=795920342759181&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NsmcCNYbQ5&p=http%3A//www.retire29.com&dtd=149
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmn3JRfFYoeYb0qWuV0sGDcUo8ZzTrnpC70QpEfpuBZqSvTjp3t03xd7YQHX8s
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5779747347442617&output=html&h=250&slotname=4328356287&adk=1402987441&adf=1307837935&pi=t.ma~as.4328356287&w=326&fwrn=4&fwrnh=100&lmt=1624255875&rafmt=1&psa=0&format=326x250&url=http%3A%2F%2Fwww.retire29.com%2Fanyone-can-retire-early-just-look-at-this-loser%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1624255875813&bpp=12&bdt=680&idt=146&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=678x280%2C0x0&nras=1&correlator=3210477304046&frm=20&pv=1&ga_vid=798938637.1624255876&ga_sid=1624255876&ga_hid=582830327&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=989&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060839&oid=3&pvsid=795920342759181&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=NsmcCNYbQ5&p=http%3A//www.retire29.com&dtd=149

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 21 Jun 2021 05:51:12 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B093 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27f366c5d4c25cdf8abe2984b8f32b26f73e12e3572a58dc0b5494a37992c8af

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012105281634000/ Frame 2BEA 191 KB
55 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 522118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55221
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8af8bfef65693cad"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 2BEA 12 KB
5 KB 40ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 522118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4567
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ca56b057322a8584"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 2BEA 87 KB
27 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 522118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27321
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3f2374642481d921"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 2BEA 70 KB
16 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1ba766fc90938edcf83a09e20470fe15a9fd042b6c84054f435a3356cc5951

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 150949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16310
x-xss-protection: 0
server: sffe
date: Sat, 19 Jun 2021 12:15:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "158bd8931ca66e3a"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 12:15:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 2BEA 4 KB
2 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 522118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "514585efdf5d56f0"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012105281634000/v0/ Frame 2BEA 41 KB
13 KB 38ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 522118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13144
x-xss-protection: 0
server: sffe
date: Tue, 15 Jun 2021 05:09:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db4e8fd655d0c88e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 05:09:18 GMT

GET
DATA 200
OK truncated
/ Frame 2BEA 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83c568d964a653f2b3e4aecc0ba9788d24e6a608842ca12d7450af36165e4670

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2BEA 2 KB
2 KB 21ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 10:27:05 GMT
x-content-type-options: nosniff
server: cafe
age: 71051
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 21 Jun 2021 10:27:05 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2BEA 295 B
319 B 20ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 09:06:51 GMT
x-content-type-options: nosniff
server: cafe
age: 75865
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 21 Jun 2021 09:06:51 GMT

GET
DATA 200
OK truncated
/ Frame 2BEA 96 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aafeda6b1eb7fe07d2a1ba9dc23ee8eb5478e9e39b50deb9c05e4a804015a163

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 2BEA 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 455214a09feaeffccb894e6543961a28d01c3d0aca23fa579ce187b9074cd853

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2BEA 25 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c00a28daa4df1d9d2cc5e5c3e9f2bb8a9ab38b84a73caca8eeab24df1591cea2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C336
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
13ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmn3JRfFYoeYb0qWuV0sGDcUo8ZzTrnpC70QpEfpuBZqSvTjp3t03xd7YQHX8s
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 21 Jun 2021 06:11:16 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 21-Jun-2021 07:11:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 21 Jun 2021 06:11:16 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 21 Jun 2021 06:11:16 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js Show response
pagead2.googlesyndication.com/bg/ Frame 4408 14 KB
6 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afd5018c84a870d00826562927d8eceaa4b5424c6517c59e2f02814f5f4e9cf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 16:27:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5758
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jun 2022 16:27:37 GMT

GET
H3-29 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012105281634000/ 21 KB
7 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012105281634000/amp4ads-host-v0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa7d53f661b18cb0324ee1eb4c94731444e115605e394a0010fa95965350767

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3586
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7449
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 05:11:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "df25cb4800b5f2c5"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 05:11:30 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2BEA 2 KB
2 KB 7ms
5ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 10:27:05 GMT
x-content-type-options: nosniff
server: cafe
age: 71051
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 21 Jun 2021 10:27:05 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2BEA 295 B
319 B 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 20 Jun 2021 09:06:51 GMT
x-content-type-options: nosniff
server: cafe
age: 75865
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 21 Jun 2021 09:06:51 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 36ms
23ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210616&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83d1c146c7278b1d01dc1e6585f840b3eb37e7cf4c4dbd109e93d48e43142313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 06:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7928
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 06:11:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 21 Jun 2021 06:11:16 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2BEA 0
17 B 17ms
17ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtKPXgy3QYNrgOMWU7_UP8aCXKJXu369jvYfOqvIN3Yynva0CEAEghZbKJGCViriCyAegAbbCkJoDyAEJqQLiB2L-duezPqgDAcgDCKoE4QFP0MNuN4dBO1kwI6wEhnaEc_TfCZQ6ZN6QwNPBlGigQexErTwTxW4ap5n6Tk-dsn5j6ZjH9ooMhCNkCifOrablI-9DBFqIiYQ-g2ymUT8RZzbGtmsdyTF9U8dCRLu55P51afeMZKL418CxYJRhaPtA6_Oh-z862kQQIGMz873bbnpj1EreVz-DhYGrXOYEg1Hx_N94J_yvlVcuSlZqFY3Ma9luVhjoOf85YgrFJHUexYzDUmDb9ksBDj6RZNT9Um36XIeHgHYQpAZjgfDkwqb-_JbNw6XMruF6dT70PnpFk_TABKq-sK7LA5IFBAgEGAGSBQQIBRgEoAYugAeyve9lqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEN-1DNIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXGgoYCAASFHB1Yi01Nzc5NzQ3MzQ3NDQyNjE3&sigh=_JGVbJqj4Tc&template_id=419&cbvp=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5779747347442617&output=html&h=280&slotname=4328356287&adk=3779967890&adf=2391313477&pi=t.ma~as.4328356287&w=678&fwrn=4&fwrnh=100&lmt=1624255875&rafmt=1&psa=0&format=678x280&url=http%3A%2F%2Fwww.retire29.com%2Fanyone-can-retire-early-just-look-at-this-loser%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1624255875592&bpp=143&bdt=459&idt=303&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3210477304046&frm=20&pv=2&ga_vid=798938637.1624255876&ga_sid=1624255876&ga_hid=582830327&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060839&oid=3&pvsid=795920342759181&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=TTxG2ADc9D&p=http%3A//www.retire29.com&dtd=321
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 21 Jun 2021 06:11:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 7961 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.retire29.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.retire29.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 20 Jun 2021 16:07:40 GMT
expires: Mon, 20 Jun 2022 16:07:40 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 50616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C688 783 B
533 B 34ms
16ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

13fd6e558df2f472cab3abb89cce96a3d5db526b839a15a989fd9fc8cc70f20e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ub3dwl8+Xn9GzxFGUHxFQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.retire29.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.retire29.com/

Response headers

expires: Mon, 21 Jun 2021 06:11:16 GMT
date: Mon, 21 Jun 2021 06:11:16 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ub3dwl8+Xn9GzxFGUHxFQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js Show response
pagead2.googlesyndication.com/bg/ Frame 7961 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afd5018c84a870d00826562927d8eceaa4b5424c6517c59e2f02814f5f4e9cf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 16:27:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5758
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jun 2022 16:27:37 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210616&jk=795920342759181&bg=!hoWlhcHNAAZktE7iZLQ7ACkAdvg8WktOvvRJsBnsGa4oy1Xv76ThziRugiflaSSROjr_XFO9QjsnBgIAAABlUgAAAA5oAQcKAGjKCwABuiaIAKJ-NlnkmSKSZNunqG9YOX6m4IzyZXNnPnvPhSohZtXk5fKxZoxZuw6zT_5NCPyd6fQbMqqKl-McChTZxQ2PsHZK4vY6FHaMXQQIL2qSze5L1U5gbVnHVYyaqTb3sQ8MMJkCcngxbpY2mk5anNABcPcBQvGoOoCx0Sya1yzAlfDCW1YE4dlLZQO13pVYN7rVVo7DJSOqVzwjgwzw8OfjT9ZQbx9cmVF5GtkYataT8pyCihRd1UShgYqhgldYHfpJgsp7o02n5HWp5OzO5g9SkbEP6s9VKf8EwkfIh1pBJRlcC_VqUUjfz6FjdEJf-sKwx6hza2Lj_hbeuBNc0OZ_GYQGDd4RJqgfsIVGYLfzL_rgOsn7yKQk5PUTEQpye8U3ZH6JwDPZPv5Tej9uFUxiqyuvTKK33_cdmrSYfHiHmY1EcIsgOen6Ego7nEfRp-55b-W-ywUyCUhL1mVEs3rVGDdCmLF9__mYTBvof5stJJB5GJhB86J2uzcPCiMkhNjg17iw92BLDuztgxQ1Nj8_4wDDMMgLvEKUfBdSy0_RCYH5Yk_dertaPf9gwTRzV4Cbnf4KNLsOkjLlftyA9SlAvDuEtEyjnVVPQKUuELWX6ze8DmByLdxDzmuYcSvACOr8oW1VqYNSVoBPlzxrVAoh007A6lHFzR50Nwfs1DY3aHYtN8YKYiDx8wC2RtQfv-hj27frPHZukp7V5X7IAbs2GOqNBBHqgehPDFUu1MRfgHSTR8z9KiGbkCQR1WCzAAKB6zGRzNmdbLSsa3jP69vhgzmZcGwhtA716kttkHzSAHr9EnHulK3Und-Id2lQTouBH1d4CU3A1ycIZqsAIOVk5yvObjgA2ss_Bz61r1vEHFHdhyQIYg7IewyUdycEsQzQB-5457Ub7fPx_4UnXn-aeqwEGhHa45FA8NXlVW_FkY7F3BmJYvD6zPwKGI7X0Jchnqjhl9fP

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.retire29.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 06:11:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B093 42 B
518 B 59ms
40ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOqy51J-xXZk6ikp4SD391-9eYPGbdZmB8GIpbuaEtTArEg9XvBJFJu-iR4SmKZ5uAREqSFjKogc2uc5XLf89gtVqpRh3C-8I8RrJPyf9eNKMFthfPE_luL1WrTQ&sai=AMfl-YT7tu44XwAx0B6vN9G-jkIQXert6Zh1qr5PH2YEFBb2Pf7ECACP4RHOkbkFFVcl2CPTMgNNuQe1NAJ7&sig=Cg0ArKJSzK-2JhR_cdyiEAE&id=lidar2&mcvt=1000&p=556,1002,806,1302&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1402987441&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1624255875964&dlt=553&rpt=71&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 06:11:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 19:10:59	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 04:32:31	Name: IDE Value: AHWqTUmn3JRfFYoeYb0qWuV0sGDcUo8ZzTrnpC70QpEfpuBZqSvTjp3t03xd7YQHX8s
.retire29.com/	1970-01-20 04:32:31	Name: __gads Value: ID=10a207e712843885-224d2d0c0ec9003d:T=1624255875:RT=1624255875:S=ALNI_MYRnqOmylo6vM_tVSKWExvSkUjHYQ
www.retire29.com/	1970-01-19 19:10:57	Name: session_depth Value: www.retire29.com%3D1%7C%3D1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012105281634000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105281634000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5779747347442617&output=html&h=280&slotname=4328356287&adk=3779967890&adf=2391313477&pi=t.ma~as.4328356287&w=678&fwrn=4&fwrnh=100&lmt=1624255875&rafmt=1&psa=0&format=678x280&url=http%3A%2F%2Fwww.retire29.com%2Fanyone-can-retire-early-just-look-at-this-loser%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1624255875592&bpp=143&bdt=459&idt=303&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=3210477304046&frm=20&pv=2&ga_vid=798938637.1624255876&ga_sid=1624255876&ga_hid=582830327&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=285&ady=3747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060839&oid=3&pvsid=795920342759181&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=TTxG2ADc9D&p=http%3A//www.retire29.com&dtd=321

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.gravatar.com
2.gravatar.com
adservice.google.com
adservice.google.de
analytics.shareaholic.com
apps.shareaholic.com
cdn.ampproject.org
contextual.media.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i1.wp.com
i2.wp.com
lg3.media.net
m9m6e2w5.stackpathcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.shareaholic.com
pixel.wp.com
s0.wp.com
stats.wp.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.modestmoney.com
www.retire29.com
www.shareaholic.net
107.20.140.231
142.250.184.226
143.95.75.215
151.139.128.11
184.73.100.94
192.0.76.3
192.0.77.2
192.0.77.32
2.18.235.93
2a00:1450:4001:801::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:827::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a04:fa87:fffe::c000:4902
34.204.113.242
70.32.23.71
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0a329d4e9223455584c339875ab9560874921dee96e298aab067f2e7795d3523
0aa7d53f661b18cb0324ee1eb4c94731444e115605e394a0010fa95965350767
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
10db628aae7e1b67199cb4bb95e926c990de0d232a30c7c9683da4e4fbb054b9
13fd6e558df2f472cab3abb89cce96a3d5db526b839a15a989fd9fc8cc70f20e
15b886992795015ddf192ba7c46ea89376cef0fec304d850d735da268c332226
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1950966d81d025096a4d66e30fd06d8c29226809c7a4efdf2eafc3a236c7e7ce
1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c
27f366c5d4c25cdf8abe2984b8f32b26f73e12e3572a58dc0b5494a37992c8af
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
2d7f69569a48ee858f5c13abb9a549b189cf265f51c1bd7a831a348f8a578d20
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37667c6ccf601e16a9fe91b18b44806c45351df0a73870ec30a71852e7f96716
3796cf12ca9b6f5f93255046f5bf7d70a82c6b389698ed6c007903940c17c5ad
42998baf457e4f37f9b171fabe977dcfe609a403582aa671955b489b651984d9
455214a09feaeffccb894e6543961a28d01c3d0aca23fa579ce187b9074cd853
4d8c02e01019953b9b4bd151e08045720496db3367e7b494623cfa0a8f286843
4df1ce5fc80c34d790e52b83e94602fedcd11f3715c3902ddd24e3003d65242b
4e41b5c219c3dd6a023fc44ec280a9f6f0ff03c26d1bf3a4e3a543e262cbf1a4
5ab0d2a08c2a2adb6f9f1cda7aaa0698795e3e0277fde16030d0213bee59d60a
5c21cc9d616dfc57d041e25321949df844218d9f269ba5137197e9ce79366e04
7106ac4056a90e6943627d4c041fca5fc4b60312211715a455f5dddf29bf108f
755dcf0b78f6d8f12f3a4eb688e28195a80d3e60ed2c302813387f29899d9032
75933255bb57864e50e41474bc6d67a2ea442d88c63dea7e4b50627d40cc0446
788e4bf52dc4f31715dcfbfea31592ec6667aca22bc0671dc90a9a31e199b722
79749f1725bf191cef4de7f1f92caa16a676b733221a74bc78af82bbc77b3dc1
79e2d84feaa3f917ed7be08901e5e155d0b036438f3f4745e80733f908d4cc35
7a783598f3cc86a4d73a813cedd5f6cbdf85ab7b95c4d40944a30c833071aa18
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
83c568d964a653f2b3e4aecc0ba9788d24e6a608842ca12d7450af36165e4670
83d1c146c7278b1d01dc1e6585f840b3eb37e7cf4c4dbd109e93d48e43142313
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
86c6951054a3d12cf7ae329c975568361b133690e19f5090058e4a7dce86bfd0
8a0c4236a83c25b5425dedcd337161c790e99e8b4f2ad31c530747cf974ae339
8b861ec53a159fcebc757130acfed28809f7a4575195c3d4efd99d0208dff289
8e4c6e21c4dc4230954cf7338212d2d72d95f47c5321d165706dbf4a14bca843
91679a11226f9c1be4c725632668c3a21b8b20b5a3da0843a61ee7cfeedd2adb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a507777da05d355135e1150a08714f05b6a9225dda02b7f8ade5d59a26dfff15
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
aafeda6b1eb7fe07d2a1ba9dc23ee8eb5478e9e39b50deb9c05e4a804015a163
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
afd5018c84a870d00826562927d8eceaa4b5424c6517c59e2f02814f5f4e9cf9
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c00a28daa4df1d9d2cc5e5c3e9f2bb8a9ab38b84a73caca8eeab24df1591cea2
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c80a31a680b5547d22649f60f98c9eb4392fde54666decaaf4037476c9540760
ca694aaafd1163f69c80f7456a8dc8bab473edccdcfc24949d99e46bbdaa050c
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
d0df2ff25fded9e43a0cfa5159393d4482725bfb390e8ca94f34da85b5304117
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d2026d59b88bda76d9a260d98a486e61cdf8f5dc92474fe4a256e03f5e50cc87
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e4ba631e34d2dbd017a682454ba0eac410f45b020600a650a6047c7a0df23d52
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
ed1ba766fc90938edcf83a09e20470fe15a9fd042b6c84054f435a3356cc5951
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.retire29.com Open in urlscan Pro 143.95.75.215 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

78 Requests

81 %HTTPS

50 %IPv6

17 Domains

27 Subdomains

23 IPs

3 Countries

1215 kBTransfer

3059 kBSize

4 Cookies

10 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.retire29.com Open in urlscan Pro
143.95.75.215 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

81 %
HTTPS

50 %
IPv6

17
Domains

27
Subdomains

23
IPs

3
Countries

1215 kB
Transfer

3059 kB
Size

4
Cookies

78 HTTP transactions
5 data transactions