retention.media Open in urlscan Pro
2606:4700:3034::681b:a145 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gnldr.online/tracker/click?redirect=https%3A%2F%2Fretention.media&dID=1579805339721&linkName=https://retentio...
Effective URL:
https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1cr...
Submission: On February 05 via manual (February 5th 2020, 9:36:02 pm UTC) from US

Summary HTTP 70 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 15 domains to perform 70 HTTP transactions. The main IP is 2606:4700:3034::681b:a145, located in United States and belongs to CLOUDFLARENET, US. The main domain is retention.media.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 21st 2019. Valid for: a year.

This is the only time retention.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.53.168.24 185.53.168.24	47447 (TTM) (TTM)
44	2606:4700:303... 2606:4700:3034::681b:a145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6811:4104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:925b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:816::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.200.238.181 52.200.238.181	14618 (AMAZON-AES) (AMAZON-AES)
70	12

1 185.53.168.24 (Germany) 1 redirects

ASN47447 (TTM, DE)

gnldr.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2606:4700:3034::681b:a145 (United States)

ASN13335 (CLOUDFLARENET, US)

retention.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:925b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.238.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-238-181.compute-1.amazonaws.com

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	retention.media retention.media	2 MB
11	gstatic.com fonts.gstatic.com	140 KB
3	google-analytics.com 1 redirects www.google-analytics.com	19 KB
2	facebook.com www.facebook.com	329 B
2	facebook.net connect.facebook.net	142 KB
2	app-us1.com diffuser-cdn.app-us1.com prism.app-us1.com	33 KB
2	googleapis.com fonts.googleapis.com	3 KB
1	trackcmp.net trackcmp.net	279 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	181 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	160 B
1	googletagmanager.com www.googletagmanager.com	23 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
1	w.org s.w.org	571 B
1	gnldr.online 1 redirects gnldr.online	1 KB
70	15

	Domain	Requested by
44	retention.media	retention.media ajax.cloudflare.com
11	fonts.gstatic.com	retention.media
3	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com
2	www.facebook.com	connect.facebook.net
2	connect.facebook.net	retention.media connect.facebook.net
2	fonts.googleapis.com	retention.media
1	trackcmp.net	diffuser-cdn.app-us1.com
1	www.google.de
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	diffuser-cdn.app-us1.com	retention.media
1	www.googletagmanager.com	retention.media
1	ajax.cloudflare.com	retention.media
1	s.w.org	retention.media
1	gnldr.online	1 redirects
70	16

This site contains links to these domains. Also see Links.

Domain
m.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-04-21` - `2020-04-21`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
ssl861457.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-17` - `2020-03-25`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
trackcmp.net Amazon	`2019-04-04` - `2020-05-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
Frame ID: DEF2D6AC6DC3F1F3986DC4618ED22A64
Requests: 70 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://gnldr.online/tracker/click?redirect=https%3A%2F%2Fretention.media&dID=1579805339721&linkN... HTTP 301
https://retention.media/ Page URL
https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-A... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

70
Requests

100 %
HTTPS

80 %
IPv6

15
Domains

16
Subdomains

12
IPs

4
Countries

2438 kB
Transfer

4640 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://m.me/RetentionMediaSEO?ref=FromRMWebsite
Title: Try out Retention Bot

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gnldr.online/tracker/click?redirect=https%3A%2F%2Fretention.media&dID=1579805339721&linkName=https://retention.media HTTP 301
https://retention.media/ Page URL
https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://gnldr.online/tracker/click?redirect=https%3A%2F%2Fretention.media&dID=1579805339721&linkName=https://retention.media HTTP 301
https://retention.media/

Request Chain 65

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=710151396&t=pageview&_s=1&dl=https%3A%2F%2Fretention.media%2F%3F__cf_chl_jschl_tk__%3D09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ&ul=en-us&de=UTF-8&dt=Digital%20Marketing%20Agency%20%7C%20Central%20Valley%20California%20SEO%20Company&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAAEAL~&jid=544175484&gjid=990094686&cid=618449667.1580938553&tid=UA-76285930-1&_gid=2089731807.1580938553&_r=1&gtm=2wg1m0N5CQJFG&z=1637582093 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76285930-1&cid=618449667.1580938553&jid=544175484&_gid=2089731807.1580938553&gjid=990094686&_v=j80&z=1637582093 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76285930-1&cid=618449667.1580938553&jid=544175484&_v=j80&z=1637582093 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76285930-1&cid=618449667.1580938553&jid=544175484&_v=j80&z=1637582093&slf_rd=1&random=3486844349

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

503

/ Show response
retention.media/
Redirect Chain

https://gnldr.online/tracker/click?redirect=https%3A%2F%2Fretention.media&dID=1579805339721&linkName=https://retention.media
https://retention.media/

9 KB
10 KB

79ms
19ms

Document
text/html

2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

298db324c8ef96d8df917f0f4365acf8dcad46e1fa9ed0ee44d8b001c81758cd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: retention.media
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 503
date: Wed, 05 Feb 2020 21:35:44 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d0e3c104fefc84f80227fe48c06295e411580938544; expires=Fri, 06-Mar-20 21:35:44 GMT; path=/; domain=.retention.media; HttpOnly; SameSite=Lax
x-frame-options: SAMEORIGIN
cache-control: no-cache
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5608040faefac2a9-FRA

Redirect headers

Server: nginx
Date: Wed, 05 Feb 2020 21:35:44 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 336
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Cache-Control: private, must-revalidate
Location: https://retention.media
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6InZqYWVROVQ4eDd3TEdwZk5nd1wvMFFBPT0iLCJ2YWx1ZSI6IkUrZENrSnMxdlo4RWIxdHNwV1ZlbFdETWFLNHVobFphZmNCMGxsQ3lcL3ZGZGxiUlJON1wvdU8zcEczQ29nVjdrTGdDd2MzdXh3N2huaGRHZVo2NGpJdUE9PSIsIm1hYyI6ImZhN2E1ZWM0ZTU0NTI3NDJmY2YxOThhZWNlODllOWVhZGFmZTZmMDVmZDg3N2EzOWZmZDQ3ZGI0YmM2ZjU3MTYifQ%3D%3D; expires=Wed, 05-Feb-2020 23:35:44 GMT; Max-Age=7200; path=/; secure snov_io=eyJpdiI6ImFCV0JqaTVuN2dvNU9BRXRDYUVlUlE9PSIsInZhbHVlIjoicU5qcGhDK2hoNXRZcUpKZHIzTXZ6MkdkMFNtMWJKNkZVWUhNUU1aSFBRNmxGQlRqNGFHVnlqTGFtYnBwdEdGcWdTQ2tkRXR4K0ZOVFI4ZVhPQzF6YUE9PSIsIm1hYyI6ImJiODU3NDZlMTA5ODYwYTAxNTI4MzA2MjBmNDU3ODljMmFmMTgzZGEzZWEwZTlkNjU4NDA2MjlmZTFkMjhjY2QifQ%3D%3D; path=/; secure; HttpOnly lang=eyJpdiI6ImhIa2QyNXNZbVJ4cWhcL0NSRUVMOExRPT0iLCJ2YWx1ZSI6IkxGWHBUdkR3anVubXNyTk5Xc0owR3c9PSIsIm1hYyI6ImM3YjdmNWU3YTU1NzZmNjJkMTUxNDM4YmIyZWRhMzQ5YmFlMzA2NzcwYWU0YzUwZWFjMzQ0YjMyYmU1OTM3YTEifQ%3D%3D; expires=Mon, 03-Feb-2025 21:35:44 GMT; Max-Age=157680000; path=/; secure; HttpOnly

POST
H2 200 Primary Request / Show response
retention.media/ 238 KB
30 KB 1253ms
1253ms Document
text/html 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ

Requested by

Host: retention.media
URL: https://retention.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acb0b761328f78396c76518978f57fc1c6cac974183c90347e9aa80165ba6f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

:method: POST
:authority: retention.media
:scheme: https
:path: /?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
content-length: 1944
pragma: no-cache
cache-control: no-cache
origin: https://retention.media
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://retention.media/
accept-encoding: gzip, deflate, br
cookie: __cfduid=d0e3c104fefc84f80227fe48c06295e411580938544
Origin: https://retention.media
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://retention.media/

Response headers

status: 200
date: Wed, 05 Feb 2020 21:35:50 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_clearance=06abd8c8bf25a99db226d97a1f7ee6f429eb292d-1580938548-0-150; path=/; expires=Thu, 06-Feb-20 22:35:48 GMT; domain=.retention.media; HttpOnly; Secure; SameSite=None __cfduid=dd8c31259c664eff5d005b64666f2553b1580938548; expires=Fri, 06-Mar-20 21:35:48 GMT; path=/; domain=.retention.media; HttpOnly; SameSite=Lax
link: <https://retention.media/wp-json/>; rel="https://api.w.org/", <https://retention.media/>; rel=shortlink
cache-control: max-age=600
expires: Wed, 05 Feb 2020 21:45:49 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5608042a08d6c2a9-FRA
content-encoding: gzip

GET
H2 200 style.min.css
retention.media/wp-content/themes/astra/assets/css/minified/ 84 KB
13 KB 15ms
14ms Stylesheet
text/css 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/themes/astra/assets/css/minified/style.min.css?ver=2.2.1

Requested by

Host: retention.media
URL: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c447c114068aafe57eafc82beb07b9bdf9c2dd6540438626591b62b560a6a266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Jan 2020 23:24:26 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080431ed84c2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
507 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans%3A400&display=fallback&ver=2.2.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61a87c33338a4ea5acdaf071fab0e80c6b45d99188d9946ba60c24a7be012f05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 05 Feb 2020 21:35:50 GMT
server: ESF
access-control-allow-origin: *
date: Wed, 05 Feb 2020 21:35:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Wed, 05 Feb 2020 21:35:50 GMT

GET
H2 200 style.min.css
retention.media/wp-includes/css/dist/block-library/ 40 KB
6 KB 13ms
12ms Stylesheet
text/css 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-includes/css/dist/block-library/style.min.css?ver=81da152c53a34c4c15d1b67a325b0986

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Nov 2019 08:06:28 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080431ed88c2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 astra-addon-5e2b5541e80649-68429446.css
retention.media/wp-content/uploads/astra-addon/ 60 KB
6 KB 15ms
14ms Stylesheet
text/css 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/uploads/astra-addon/astra-addon-5e2b5541e80649-68429446.css?ver=2.2.5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad38808172a4989de348984ad11d87f445768b60f1b22f342e9efaa55e3a6a07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
age: 24
cf-polished: origSize=61057
status: 200
last-modified: Fri, 24 Jan 2020 20:36:17 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
cf-ray: 56080431ed8ac2a9-FRA
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 elementor-icons.min.css
retention.media/wp-content/plugins/elementor/assets/lib/eicons/css/ 15 KB
3 KB 14ms
13ms Stylesheet
text/css 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.5.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b139bad4a379071939c14743f6e792e6478cd4493b62ad32012efd59df3259c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jan 2020 16:19:58 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080431ed8cc2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 animations.min.css
retention.media/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
2 KB 14ms
13ms Stylesheet
text/css 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.8.5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jan 2020 16:19:58 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080431ed8ec2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 frontend.min.css
retention.media/wp-content/plugins/elementor/assets/css/ 102 KB
13 KB 15ms
15ms Stylesheet
text/css 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.8.5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a425b4e2a7c7d87e4687a00d736cc33a3140fee8502a99211d2b4acbadd0964

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jan 2020 16:19:58 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080431ed91c2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 frontend.min.css
retention.media/wp-content/plugins/elementor-pro/assets/css/ 194 KB
20 KB 20ms
19ms Stylesheet
text/css 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.8.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b87627fbbc3b49247a345416700ff4f9611cb83a75901119ecdfe40e2f1e3677

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Jan 2020 08:08:05 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432af77c2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 uael-frontend.min.css
retention.media/wp-content/plugins/ultimate-elementor/assets/min-css/ 376 KB
39 KB 18ms
17ms Stylesheet
text/css 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/ultimate-elementor/assets/min-css/uael-frontend.min.css?ver=1.22.0.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8cdf8087458b0c0cee87e9e3a55cc594cbc0e96f020cb319d6cc1de6e9d7212

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jan 2020 18:40:26 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432af78c2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 all.min.css
retention.media/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 55 KB
12 KB 15ms
14ms Stylesheet
text/css 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=2.8.5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jan 2020 16:19:58 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432af79c2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 v4-shims.min.css
retention.media/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 26 KB
4 KB 21ms
20ms Stylesheet
text/css 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=2.8.5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jan 2020 16:19:58 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432af7bc2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 style.css
retention.media/wp-content/themes/astra-child/ 0
86 B 11ms
10ms Stylesheet
text/css 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/themes/astra-child/style.css?ver=1.0.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
cf-cache-status: HIT
age: 24
cf-polished: origSize=1168
status: 200
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Apr 2019 18:27:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
cf-bgj: minify
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 56080432af7dc2a9-FRA
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 64 KB
2 KB 23ms
22ms Stylesheet
text/css 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CEncode+Sans+Expanded%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPhilosopher%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=81da152c53a34c4c15d1b67a325b0986

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d769c8f44d1c0406d33c60146e6ee382eebe64a2d9004f9d6169172cd1d5820b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 05 Feb 2020 21:35:50 GMT
server: ESF
access-control-allow-origin: *
date: Wed, 05 Feb 2020 21:35:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Wed, 05 Feb 2020 21:35:50 GMT

GET
H2 200 fontawesome.min.css
retention.media/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 53 KB
11 KB 18ms
17ms Stylesheet
text/css 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.9.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01a42a9e37c60d165dfe5529d03bf2ed44463b246c87c83d25d59493263135f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jan 2020 16:19:58 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432af80c2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 solid.min.css
retention.media/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 667 B
344 B 12ms
11ms Stylesheet
text/css 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.9.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc57cc7e979a8d2129c56653168c1664f4efee4dc612eef0e2b42fe3d116b046

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jan 2020 16:19:58 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432af83c2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 Artboard-2.svg
retention.media/wp-content/uploads/2018/10/ 6 KB
2 KB 15ms
14ms Image
image/svg+xml 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retention.media/wp-content/uploads/2018/10/Artboard-2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba3a7d0e6e557d30271e78ad876549f816c488cbe115529fd1d22b02123fda3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Apr 2019 18:27:22 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
status: 200
cache-control: max-age=259200
strict-transport-security: max-age=31536000
cf-ray: 56080432bfb8c2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 07 Feb 2020 21:35:27 GMT

GET
H2 200 Modesto-CA-Internet-Marketing-781x1024.png
retention.media/wp-content/uploads/2018/06/ 159 KB
159 KB 14ms
14ms Image
image/webp 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retention.media/wp-content/uploads/2018/06/Modesto-CA-Internet-Marketing-781x1024.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bc43e9d838e73a367554449dfa0cc0b3d5acf37e1185eb71dc0af87d59e10a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
cf-cache-status: HIT
age: 24
cf-polished: origFmt=png, origSize=247129
status: 200
content-disposition: inline; filename="Modesto-CA-Internet-Marketing-781x1024.webp"
strict-transport-security: max-age=31536000
content-length: 162444
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Apr 2019 18:27:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cf-bgj: imgq:100
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 56080432bfc8c2a9-FRA
expires: Fri, 06 Mar 2020 21:35:27 GMT

GET
H2 200 Central-Valley-CA-SEO.jpg
retention.media/wp-content/uploads/2018/11/ 149 KB
149 KB 17ms
16ms Image
image/jpeg 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retention.media/wp-content/uploads/2018/11/Central-Valley-CA-SEO.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

126242329aa2131352af346c079d3ed1b14019164e4f67f6e75361916e86a36b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
cf-cache-status: HIT
age: 24
cf-polished: status=not_needed
status: 200
strict-transport-security: max-age=31536000
content-length: 152403
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Apr 2019 18:27:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cf-bgj: imgq:100
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 56080432cfddc2a9-FRA
expires: Fri, 06 Mar 2020 21:35:27 GMT

GET
H2 200 ap_badge.png
retention.media/wp-content/uploads/2019/11/ 3 KB
3 KB 18ms
18ms Image
image/webp 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retention.media/wp-content/uploads/2019/11/ap_badge.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c8a9bb3710e00c2c66abd4f455d2355e55f52b34cb98cc18d37ef14c9d956d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
cf-cache-status: HIT
age: 24
cf-polished: origFmt=png, origSize=8007
status: 200
content-disposition: inline; filename="ap_badge.webp"
strict-transport-security: max-age=31536000
content-length: 3254
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Nov 2019 16:19:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cf-bgj: imgq:100
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 56080432cfe8c2a9-FRA
expires: Fri, 06 Mar 2020 21:35:27 GMT

GET
H2 200 063A9459_websize.jpg
retention.media/wp-content/uploads/2019/11/ 494 KB
494 KB 22ms
18ms Image
image/jpeg 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retention.media/wp-content/uploads/2019/11/063A9459_websize.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b316434e0980a03f668e5afd4c41c40484d671e35f0b623a5c938c4aee84c245

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
cf-cache-status: HIT
age: 24
cf-polished: origSize=534591, status=webp_bigger
status: 200
strict-transport-security: max-age=31536000
content-length: 505549
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Nov 2019 03:05:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cf-bgj: imgq:100
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 56080432d81dc2a9-FRA
expires: Fri, 06 Mar 2020 21:35:27 GMT

GET
H2 200 Think-Outside-The-Box.jpg
retention.media/wp-content/uploads/2018/11/ 42 KB
42 KB 12ms
10ms Image
image/jpeg 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retention.media/wp-content/uploads/2018/11/Think-Outside-The-Box.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c1dfe1aa7dad395726bcbd5f024cf859b208ac5ed0282388b10f1027cb28b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
cf-cache-status: HIT
age: 24
cf-polished: status=not_needed
status: 200
strict-transport-security: max-age=31536000
content-length: 42695
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Apr 2019 18:27:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cf-bgj: imgq:100
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 56080432f87dc2a9-FRA
expires: Fri, 06 Mar 2020 21:35:27 GMT

GET
H2 200 Retention-Bot.gif
retention.media/wp-content/uploads/2018/11/ 185 KB
185 KB 681ms
680ms Image
image/gif 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retention.media/wp-content/uploads/2018/11/Retention-Bot.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc17498d5ebedc6376c96fd577ccf5e2dfb939ba6cf22e509dc77b6e4113484d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
cf-cache-status: MISS
last-modified: Tue, 23 Apr 2019 18:27:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
cf-ray: 56080432f87fc2a9-FRA
content-length: 189489
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:51 GMT

GET
H2 200 Modesto-Flex-Rotary-300x118.png
retention.media/wp-content/uploads/2019/07/ 21 KB
21 KB 559ms
558ms Image
image/png 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retention.media/wp-content/uploads/2019/07/Modesto-Flex-Rotary-300x118.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8de7ecf25094a8b61aa4067ed7f3f449dde6a8a50d68e14416d865bc84a38701

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
cf-cache-status: MISS
last-modified: Tue, 09 Jul 2019 23:23:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
cf-ray: 56080432f882c2a9-FRA
content-length: 21094
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:51 GMT

GET
H2 200 Retention-Media-RM-Logo-White.svg
retention.media/wp-content/uploads/2018/10/ 5 KB
2 KB 415ms
415ms Image
image/svg+xml 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retention.media/wp-content/uploads/2018/10/Retention-Media-RM-Logo-White.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

236df32f15321aca0b1ea8bb02633d0c259e69dc939e919710ba80fa43cdc5ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Apr 2019 18:27:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
status: 200
cache-control: max-age=259200
strict-transport-security: max-age=31536000
cf-ray: 56080432f885c2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 07 Feb 2020 21:35:51 GMT

GET
H2 200 1f449-1f3fb.svg
s.w.org/images/core/emoji/11/svg/ 563 B
571 B 2656ms
16ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/11/svg/1f449-1f3fb.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

64edaa6d2ebde84b4473d98ba5895d7f4a46e360717b806a0854204f6c7bdc9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Wed, 05 Feb 2020 21:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Jun 2018 13:09:43 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: max-age=315360000
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 14ms
7ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: gzip
last-modified: Tue, 28 Jan 2020 15:35:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e3054ce-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 56080432bf4ed6dd-FRA
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires: Fri, 07 Feb 2020 21:35:50 GMT

GET
H2 200 frontend.min.js Show response
retention.media/wp-content/plugins/elementor/assets/js/ 92 KB
23 KB 18ms
15ms Script
application/javascript 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.8.5

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bf56b129fdb02d260a4eafe9f19054c292df3ddb8b09ee8c3bc5f3ede9c8923

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jan 2020 16:19:58 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432dffdc2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 swiper.min.js Show response
retention.media/wp-content/plugins/elementor/assets/lib/swiper/ 123 KB
31 KB 20ms
17ms Script
application/javascript 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=4.4.6

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b56a059635d124359232fc094453f648c51da4d42b68b1bb210bd5c543115e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jan 2020 16:19:58 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432dfffc2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 waypoints.min.js Show response
retention.media/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 22ms
19ms Script
application/javascript 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jan 2020 16:19:58 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432d803c2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 dialog.min.js Show response
retention.media/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
3 KB 19ms
16ms Script
application/javascript 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.7.3

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d665ca414f80354dd1b8fe3c6ab35e355741da9dcd5efa5ccee8750654368dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jan 2020 16:19:58 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432d807c2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 position.min.js Show response
retention.media/wp-includes/js/jquery/ui/ 6 KB
2 KB 17ms
14ms Script
application/javascript 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e3bd23f892a7823c8419303360e545aa10d63f307d8117abf1fb1b1f756f58a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Nov 2019 08:06:28 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432d808c2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 frontend.min.js Show response
retention.media/wp-content/plugins/elementor-pro/assets/js/ 121 KB
21 KB 24ms
21ms Script
application/javascript 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=2.8.3

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1b4ae77d1466b8c91353cca033946364fd33e8fb31136dbcc8ab4ae162d14f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Jan 2020 08:08:05 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432d80ac2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 jquery.sticky.min.js Show response
retention.media/wp-content/plugins/elementor-pro/assets/lib/sticky/ 6 KB
2 KB 17ms
15ms Script
application/javascript 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=2.8.3

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Jan 2020 08:08:05 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432d80bc2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 frontend-modules.min.js Show response
retention.media/wp-content/plugins/elementor/assets/js/ 58 KB
16 KB 23ms
21ms Script
application/javascript 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=2.8.5

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7d03ca8c611491844e74477af0a689be1d41f51975a329ff0d210472bff4836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jan 2020 16:19:58 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432d80dc2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 jquery.smartmenus.min.js Show response
retention.media/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ 25 KB
7 KB 19ms
16ms Script
application/javascript 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Jan 2020 08:08:05 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432d80ec2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 wp-embed.min.js Show response
retention.media/wp-includes/js/ 1 KB
785 B 18ms
16ms Script
application/javascript 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-includes/js/wp-embed.min.js?ver=81da152c53a34c4c15d1b67a325b0986

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Nov 2019 08:06:28 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432d810c2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 astra-addon-5e2b5541e88fa4-48584665.js Show response
retention.media/wp-content/uploads/astra-addon/ 24 KB
5 KB 16ms
13ms Script
application/javascript 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/uploads/astra-addon/astra-addon-5e2b5541e88fa4-48584665.js?ver=2.2.5

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb56be9002aac8f37a82b4eeceeb18138ad09aedbede76b6bc7d24ec3a37656d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
age: 24
status: 200
last-modified: Fri, 24 Jan 2020 20:36:17 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 56080432d811c2a9-FRA
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 ta.js Show response
retention.media/wp-content/plugins/thirstyaffiliates/js/app/ 4 KB
1 KB 21ms
19ms Script
application/javascript 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/thirstyaffiliates/js/app/ta.js?ver=3.9.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab3e83699202b43aff9fab9ddbc8445d705d40cfdb7b68afc36dcbb53f3aab49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
age: 24
cf-polished: origSize=9967
status: 200
last-modified: Wed, 29 Jan 2020 18:40:39 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 56080432d813c2a9-FRA
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 style.min.js Show response
retention.media/wp-content/themes/astra/assets/js/minified/ 10 KB
3 KB 15ms
13ms Script
application/javascript 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/themes/astra/assets/js/minified/style.min.js?ver=2.2.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22780905e5bfdebcb02e7dabaec10a6c4b0553bec8b50c02faad001104b7c9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Jan 2020 23:24:26 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432d815c2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 v4-shims.min.js Show response
retention.media/wp-content/plugins/elementor/assets/lib/font-awesome/js/ 15 KB
4 KB 17ms
15ms Script
application/javascript 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=2.8.5

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50203c7ed000d0f102def9c2b3ca9a07440faa7f659bfa516a8dc50de545c3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Jan 2020 16:19:58 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432d817c2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 jquery-migrate.min.js Show response
retention.media/wp-includes/js/jquery/ 10 KB
4 KB 19ms
18ms Script
application/javascript 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 20 May 2016 15:41:28 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 56080432d81ac2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 jquery.js Show response
retention.media/wp-includes/js/jquery/ 95 KB
32 KB 23ms
22ms Script
application/javascript 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
content-encoding: br
cf-cache-status: HIT
age: 24
cf-polished: origSize=96873
status: 200
last-modified: Mon, 26 Aug 2019 07:06:38 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 56080432d81bc2a9-FRA
expires: Fri, 06 Mar 2020 21:35:26 GMT

GET
H2 200 black-iphone-7-on-brown-table-699122-1.jpg
retention.media/wp-content/uploads/2019/11/ 539 KB
540 KB 688ms
688ms Image
image/jpeg 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retention.media/wp-content/uploads/2019/11/black-iphone-7-on-brown-table-699122-1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d533253b474a7c588e7968d55b5e53eb4c5a24735e60c92e35e21105839bcbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
cf-cache-status: MISS
last-modified: Thu, 07 Nov 2019 02:48:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
cf-ray: 56080432f887c2a9-FRA
content-length: 551876
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:51 GMT

GET
H2 200 Qw3aZQNVED7rKGKxtqIqX5EUDXx4Vn8sig.woff2
fonts.gstatic.com/s/josefinsans/v14/ 10 KB
10 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v14/Qw3aZQNVED7rKGKxtqIqX5EUDXx4Vn8sig.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a301bfb744cebac8f71edfe0e93dd32cd60e3a76728e340fb891d5274854e9b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Josefin+Sans%3A400&display=fallback&ver=2.2.1
Origin: https://retention.media

Response headers

date: Sat, 01 Feb 2020 14:04:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:24:59 GMT
server: sffe
age: 372688
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10604
x-xss-protection: 0
expires: Sun, 31 Jan 2021 14:04:22 GMT

GET
H2 200 eicons.woff2
retention.media/wp-content/plugins/elementor/assets/lib/eicons/fonts/ 71 KB
71 KB 17ms
16ms Font
font/woff2 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.5.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28884565a5c65de72604a03825f3c12c77c72e78c45ea1f0866d5a460e86c456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://retention.media/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.5.0
Origin: https://retention.media

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Jan 2020 16:19:58 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: font/woff2
status: 200
cache-control: max-age=259200
strict-transport-security: max-age=31536000
cf-ray: 56080432e83cc2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 07 Feb 2020 21:35:27 GMT

GET
H2 200 fa-solid-900.woff2
retention.media/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 74 KB
74 KB 13ms
13ms Font
font/woff2 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://retention.media/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=2.8.5
Origin: https://retention.media

Response headers

date: Wed, 05 Feb 2020 21:35:50 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Jan 2020 16:19:58 GMT
server: cloudflare
age: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: font/woff2
status: 200
cache-control: max-age=259200
strict-transport-security: max-age=31536000
cf-ray: 56080432e83fc2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 07 Feb 2020 21:35:27 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Josefin+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CEncode+Sans+Expanded%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPhilosopher%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=81da152c53a34c4c15d1b67a325b0986
Origin: https://retention.media

Response headers

date: Tue, 04 Feb 2020 18:39:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 96971
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13612
x-xss-protection: 0
expires: Wed, 03 Feb 2021 18:39:39 GMT

GET
H2 200 Qw3FZQNVED7rKGKxtqIqX5Ectllte10hoJky_A.woff2
fonts.gstatic.com/s/josefinsans/v14/ 10 KB
10 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v14/Qw3FZQNVED7rKGKxtqIqX5Ectllte10hoJky_A.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b77b75e747deafc2aa2a17156ae44e4db909956239a131c5eabd456ddcfddfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Josefin+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CEncode+Sans+Expanded%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPhilosopher%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=81da152c53a34c4c15d1b67a325b0986
Origin: https://retention.media

Response headers

date: Tue, 04 Feb 2020 17:53:27 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:24:32 GMT
server: sffe
age: 99743
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10156
x-xss-protection: 0
expires: Wed, 03 Feb 2021 17:53:27 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Josefin+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CEncode+Sans+Expanded%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPhilosopher%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=81da152c53a34c4c15d1b67a325b0986
Origin: https://retention.media

Response headers

date: Tue, 04 Feb 2020 00:48:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:41 GMT
server: sffe
age: 161240
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13640
x-xss-protection: 0
expires: Wed, 03 Feb 2021 00:48:30 GMT

GET
H2 200 c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpKeDBNPVo0wPFXC.woff2
fonts.gstatic.com/s/encodesansexpanded/v4/ 14 KB
14 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesansexpanded/v4/c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpKeDBNPVo0wPFXC.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70c4220ecf55c61323357997ff807de558ed8c8d86f14aaf3a4cb483488968d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Josefin+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CEncode+Sans+Expanded%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPhilosopher%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=81da152c53a34c4c15d1b67a325b0986
Origin: https://retention.media

Response headers

date: Fri, 31 Jan 2020 21:26:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 02:42:18 GMT
server: sffe
age: 432575
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14024
x-xss-protection: 0
expires: Sat, 30 Jan 2021 21:26:15 GMT

GET
H2 200 c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpL6DRNPVo0wPFXC.woff2
fonts.gstatic.com/s/encodesansexpanded/v4/ 14 KB
14 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesansexpanded/v4/c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpL6DRNPVo0wPFXC.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3bcfe90dd33f4d2a04a129eeba744aede9c33d9b14a9de5e3ad38dd5d2d8444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Josefin+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CEncode+Sans+Expanded%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPhilosopher%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=81da152c53a34c4c15d1b67a325b0986
Origin: https://retention.media

Response headers

date: Sat, 01 Feb 2020 04:21:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 02:42:06 GMT
server: sffe
age: 407682
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14004
x-xss-protection: 0
expires: Sun, 31 Jan 2021 04:21:08 GMT

GET
H2 200 c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpLWChNPVo0wPFXC.woff2
fonts.gstatic.com/s/encodesansexpanded/v4/ 14 KB
14 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesansexpanded/v4/c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpLWChNPVo0wPFXC.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea34c51d8cf09029339b78aad1743ba8a79c9b903fa9ad53c79f6cc66c8f4857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Josefin+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CEncode+Sans+Expanded%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPhilosopher%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=81da152c53a34c4c15d1b67a325b0986
Origin: https://retention.media

Response headers

date: Sat, 01 Feb 2020 00:10:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 02:41:51 GMT
server: sffe
age: 422697
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13976
x-xss-protection: 0
expires: Sun, 31 Jan 2021 00:10:53 GMT

GET
H2 200 c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpLqCBNPVo0wPFXC.woff2
fonts.gstatic.com/s/encodesansexpanded/v4/ 14 KB
14 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesansexpanded/v4/c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpLqCBNPVo0wPFXC.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d9c0959c4abfbe0806be18786361c8738b4d64c10879a88d886c999594f6d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Josefin+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CEncode+Sans+Expanded%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPhilosopher%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=81da152c53a34c4c15d1b67a325b0986
Origin: https://retention.media

Response headers

date: Sat, 01 Feb 2020 14:10:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 02:42:30 GMT
server: sffe
age: 372309
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13832
x-xss-protection: 0
expires: Sun, 31 Jan 2021 14:10:41 GMT

GET
H2 200 c4m_1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpolKQZidIAa.woff2
fonts.gstatic.com/s/encodesansexpanded/v4/ 14 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesansexpanded/v4/c4m_1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpolKQZidIAa.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e04eebe5f296a59cdc9ae479eb4b91f925faea91bc4ed6fb2d76e59a129fc40f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Josefin+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CEncode+Sans+Expanded%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPhilosopher%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=81da152c53a34c4c15d1b67a325b0986
Origin: https://retention.media

Response headers

date: Tue, 04 Feb 2020 05:08:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 02:41:23 GMT
server: sffe
age: 145621
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13852
x-xss-protection: 0
expires: Wed, 03 Feb 2021 05:08:49 GMT

GET
H2 200 c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpKOCxNPVo0wPFXC.woff2
fonts.gstatic.com/s/encodesansexpanded/v4/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesansexpanded/v4/c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpKOCxNPVo0wPFXC.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

472e20c1813a9d44b8ee722e4816ceb29a3c54b75a3b8692b4ecf994708bbc4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Josefin+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CEncode+Sans+Expanded%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPhilosopher%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=81da152c53a34c4c15d1b67a325b0986
Origin: https://retention.media

Response headers

date: Sat, 01 Feb 2020 01:14:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 02:40:30 GMT
server: sffe
age: 418862
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13868
x-xss-protection: 0
expires: Sun, 31 Jan 2021 01:14:48 GMT

GET
H2 200 Qw3FZQNVED7rKGKxtqIqX5Ec0lhte10hoJky_A.woff2
fonts.gstatic.com/s/josefinsans/v14/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v14/Qw3FZQNVED7rKGKxtqIqX5Ec0lhte10hoJky_A.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

675ab84738c7efab7a2af8f45de90f0ae5c4cf1a51594bda29259515794a0740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Josefin+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CEncode+Sans+Expanded%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPhilosopher%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=81da152c53a34c4c15d1b67a325b0986
Origin: https://retention.media

Response headers

date: Mon, 03 Feb 2020 23:52:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:24:14 GMT
server: sffe
age: 164618
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10620
x-xss-protection: 0
expires: Tue, 02 Feb 2021 23:52:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 61 KB
23 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N5CQJFG

Requested by

Host: retention.media
URL: https://retention.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72562e60af36d403e5735f722a0bad09a81c5f54f7262f1a102b84bf933fe141

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:52 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=604800; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 22994
x-xss-protection: 0
last-modified: Wed, 05 Feb 2020 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Feb 2020 21:35:52 GMT

GET
H2 200 wp-emoji-release.min.js Show response
retention.media/wp-includes/js/ 14 KB
4 KB 419ms
418ms Script
application/javascript 2606:4700:3034::681b:a145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://retention.media/wp-includes/js/wp-emoji-release.min.js?ver=81da152c53a34c4c15d1b67a325b0986

Requested by

Host: retention.media
URL: https://retention.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:a145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 18 Nov 2019 08:06:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-ray: 5608044359a8c2a9-FRA
x-xss-protection: 1; mode=block
expires: Fri, 06 Mar 2020 21:35:53 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 100 KB
32 KB 36ms
15ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: retention.media
URL: https://retention.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 279a19c01fc41318f56bd407a24ce16ac8ff7fe77405061f465bc2ca0852bc99

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 76
x-cache: Miss from cloudfront
status: 200
last-modified: Fri, 22 Nov 2019 16:24:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: FRA53-C1
cf-ray: 560804438a5a63b3-FRA
x-amz-cf-id: RIwDC9adqEHJjiQp3TbZoZGP8tywS69H84J72QlEwKkAm0_B4gpRtg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5CQJFG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 3740
date: Wed, 05 Feb 2020 20:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Wed, 05 Feb 2020 22:33:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: retention.media
URL: https://retention.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: Yn5VzekWbUFNSMxTnxa/ckuQSWet11OJyD69CXGlCjqcSc6I1WL8K63nr6L7lAZGMLqQ2cvHObp7p74JRy8gpA==
x-fb-trip-id: 1850256238
date: Wed, 05 Feb 2020 21:35:52 GMT, Wed, 05 Feb 2020 21:35:52 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 248 B
391 B 232ms
228ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=610215216&u=https%3A%2F%2Fretention.media%2F%3F__cf_chl_jschl_tk__%3D09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ&r=https%3A%2F%2Fretention.media%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.25
Resource Hash: 708a73177a93b51a7c11102714f701f0354c660c57b656728505555434ff54dc

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.25
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
status: 200
cache-control: no-cache, private
cf-ray: 56080443eabf63b3-FRA

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 107
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Wed, 05 Feb 2020 22:34:05 GMT

GET
H2 200 339684156887279 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/339684156887279?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

834a714c8795e0bb7772e79d4dd169d38293ff0f1ac2716be92ce30d5dd8205b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 114918
x-xss-protection: 0
pragma: public
x-fb-debug: NMDGBlszeOnVO+B5mbi6BEftzrNcfm+uYFv/thj4bxi3Bw+9Nruaw65JqsPp2odq98r51BmhAB7xpPKcZYuZnA==
x-fb-trip-id: 1850256238
date: Wed, 05 Feb 2020 21:35:52 GMT, Wed, 05 Feb 2020 21:35:52 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=710151396&t=pageview&_s=1&dl=https%3A%2F%2Fretention.media%2F%3F__cf_chl_jschl_tk__%3D09a4a759389429419b0f258be17c341604d0b301-1580938544-0-A...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76285930-1&cid=618449667.1580938553&jid=544175484&_gid=2089731807.1580938553&gjid=990094686&_v=j80&z=1637582093
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76285930-1&cid=618449667.1580938553&jid=544175484&_v=j80&z=1637582093
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76285930-1&cid=618449667.1580938553&jid=544175484&_v=j80&z=1637582093&slf_rd=1&random=3486844349

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76285930-1&cid=618449667.1580938553&jid=544175484&_v=j80&z=1637582093&slf_rd=1&random=3486844349

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Feb 2020 21:35:53 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Feb 2020 21:35:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76285930-1&cid=618449667.1580938553&jid=544175484&_v=j80&z=1637582093&slf_rd=1&random=3486844349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=339684156887279&ev=PageView&dl=https%3A%2F%2Fretention.media%2F%3F__cf_chl_jschl_tk__%3D09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ&rl=https%3A%2F%2Fretention.media%2F&if=false&ts=1580938552985&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1580938552984.424578362&it=1580938552954&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:52 GMT, Wed, 05 Feb 2020 21:35:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Wed, 05 Feb 2020 21:35:52 GMT

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
279 B 326ms
112ms Script
text/javascript 52.200.238.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=610215216&prismid=60718cd6-e92c-4190-b499-8ed0d957a1b7&url=https%3A%2F%2Fretention.media%2F%3F__cf_chl_jschl_tk__%3D09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.238.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-238-181.compute-1.amazonaws.com
Software: Apache/2.4.39 (Amazon) / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 21:35:53 GMT
server: Apache/2.4.39 (Amazon)
x-powered-by: PHP/7.1.33
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
status: 200
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
content-type: text/javascript;charset=UTF-8
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
70 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://retention.media/?__cf_chl_jschl_tk__=09a4a759389429419b0f258be17c341604d0b301-1580938544-0-AbuirzUNSRw2C0TSQy1crtjxG9OiNiPawq5rDgkVsSNCGT9o6_317EJvQ0SpqcO7ClDgxN4WBIjwxX_-yoTTXICEgxsE1C-Xx10mJMrISogJWbE4vAEurIMaCLph7tsH8q705qZi8xphox-l7Q_Q_WwsIRN6aMM3eiTq8_9xckuSGTSikASg4CZhZVr0cyp2tZw-tVQikSCKIYHBo4puC-hffD0A6gh-DM_2RUu7cIbYN6_kHkQrGsparlQdmQqQNC50TEfNcG-Stm8tzgGadhoGDFniOesU8i3CTDLOCGMig3VcBxy91wWcipirmVe3yQ
Origin: https://retention.media
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryzwgClDS7DJg7rAxZ

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://retention.media
date: Wed, 05 Feb 2020 21:35:53 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-24=":443"; ma=3600
content-length: 0

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.retention.media/	1970-01-19 07:52:10	Name: __cfduid Value: dd8c31259c664eff5d005b64666f2553b1580938548
			.retention.media/	1970-01-19 07:10:28	Name: cf_clearance Value: 06abd8c8bf25a99db226d97a1f7ee6f429eb292d-1580938548-0-150

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://retention.media/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
connect.facebook.net
diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
gnldr.online
prism.app-us1.com
retention.media
s.w.org
stats.g.doubleclick.net
trackcmp.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
185.53.168.24
192.0.77.48
2606:4700:3034::681b:a145
2606:4700::6811:4104
2606:4700::6811:925b
2a00:1450:4001:806::200e
2a00:1450:4001:816::2004
2a00:1450:4001:818::2003
2a00:1450:4001:81b::200a
2a00:1450:4001:81f::2003
2a00:1450:4001:824::2008
2a00:1450:400c:c00::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.200.238.181
01a42a9e37c60d165dfe5529d03bf2ed44463b246c87c83d25d59493263135f2
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
126242329aa2131352af346c079d3ed1b14019164e4f67f6e75361916e86a36b
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1b56a059635d124359232fc094453f648c51da4d42b68b1bb210bd5c543115e7
1bf56b129fdb02d260a4eafe9f19054c292df3ddb8b09ee8c3bc5f3ede9c8923
1e3bd23f892a7823c8419303360e545aa10d63f307d8117abf1fb1b1f756f58a
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
22780905e5bfdebcb02e7dabaec10a6c4b0553bec8b50c02faad001104b7c9a4
236df32f15321aca0b1ea8bb02633d0c259e69dc939e919710ba80fa43cdc5ae
279a19c01fc41318f56bd407a24ce16ac8ff7fe77405061f465bc2ca0852bc99
28884565a5c65de72604a03825f3c12c77c72e78c45ea1f0866d5a460e86c456
298db324c8ef96d8df917f0f4365acf8dcad46e1fa9ed0ee44d8b001c81758cd
2c1dfe1aa7dad395726bcbd5f024cf859b208ac5ed0282388b10f1027cb28b68
3b139bad4a379071939c14743f6e792e6478cd4493b62ad32012efd59df3259c
3c8a9bb3710e00c2c66abd4f455d2355e55f52b34cb98cc18d37ef14c9d956d2
472e20c1813a9d44b8ee722e4816ceb29a3c54b75a3b8692b4ecf994708bbc4a
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
50203c7ed000d0f102def9c2b3ca9a07440faa7f659bfa516a8dc50de545c3df
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5d9c0959c4abfbe0806be18786361c8738b4d64c10879a88d886c999594f6d98
61a87c33338a4ea5acdaf071fab0e80c6b45d99188d9946ba60c24a7be012f05
64edaa6d2ebde84b4473d98ba5895d7f4a46e360717b806a0854204f6c7bdc9c
675ab84738c7efab7a2af8f45de90f0ae5c4cf1a51594bda29259515794a0740
6a425b4e2a7c7d87e4687a00d736cc33a3140fee8502a99211d2b4acbadd0964
6bc43e9d838e73a367554449dfa0cc0b3d5acf37e1185eb71dc0af87d59e10a9
708a73177a93b51a7c11102714f701f0354c660c57b656728505555434ff54dc
70c4220ecf55c61323357997ff807de558ed8c8d86f14aaf3a4cb483488968d4
72562e60af36d403e5735f722a0bad09a81c5f54f7262f1a102b84bf933fe141
7b77b75e747deafc2aa2a17156ae44e4db909956239a131c5eabd456ddcfddfd
834a714c8795e0bb7772e79d4dd169d38293ff0f1ac2716be92ce30d5dd8205b
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8de7ecf25094a8b61aa4067ed7f3f449dde6a8a50d68e14416d865bc84a38701
a301bfb744cebac8f71edfe0e93dd32cd60e3a76728e340fb891d5274854e9b9
a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473
ab3e83699202b43aff9fab9ddbc8445d705d40cfdb7b68afc36dcbb53f3aab49
acb0b761328f78396c76518978f57fc1c6cac974183c90347e9aa80165ba6f61
ad38808172a4989de348984ad11d87f445768b60f1b22f342e9efaa55e3a6a07
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b316434e0980a03f668e5afd4c41c40484d671e35f0b623a5c938c4aee84c245
b87627fbbc3b49247a345416700ff4f9611cb83a75901119ecdfe40e2f1e3677
b8cdf8087458b0c0cee87e9e3a55cc594cbc0e96f020cb319d6cc1de6e9d7212
ba3a7d0e6e557d30271e78ad876549f816c488cbe115529fd1d22b02123fda3e
c447c114068aafe57eafc82beb07b9bdf9c2dd6540438626591b62b560a6a266
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
d3bcfe90dd33f4d2a04a129eeba744aede9c33d9b14a9de5e3ad38dd5d2d8444
d533253b474a7c588e7968d55b5e53eb4c5a24735e60c92e35e21105839bcbb5
d665ca414f80354dd1b8fe3c6ab35e355741da9dcd5efa5ccee8750654368dbb
d769c8f44d1c0406d33c60146e6ee382eebe64a2d9004f9d6169172cd1d5820b
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
dc17498d5ebedc6376c96fd577ccf5e2dfb939ba6cf22e509dc77b6e4113484d
dc57cc7e979a8d2129c56653168c1664f4efee4dc612eef0e2b42fe3d116b046
e04eebe5f296a59cdc9ae479eb4b91f925faea91bc4ed6fb2d76e59a129fc40f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
ea34c51d8cf09029339b78aad1743ba8a79c9b903fa9ad53c79f6cc66c8f4857
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b4ae77d1466b8c91353cca033946364fd33e8fb31136dbcc8ab4ae162d14f1
f7d03ca8c611491844e74477af0a689be1d41f51975a329ff0d210472bff4836
fb56be9002aac8f37a82b4eeceeb18138ad09aedbede76b6bc7d24ec3a37656d
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

retention.media Open in urlscan Pro 2606:4700:3034::681b:a145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

100 %HTTPS

80 %IPv6

15 Domains

16 Subdomains

12 IPs

4 Countries

2438 kBTransfer

4640 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

retention.media Open in urlscan Pro
2606:4700:3034::681b:a145 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

100 %
HTTPS

80 %
IPv6

15
Domains

16
Subdomains

12
IPs

4
Countries

2438 kB
Transfer

4640 kB
Size

2
Cookies

70 HTTP transactions
0 data transactions