www.lisenbyretirement.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.lisenbyretirement.com/#17
Effective URL:
https://www.lisenbyretirement.com/
Submission: On March 03 via manual (March 3rd 2022, 6:11:58 pm UTC) from US — Scanned from DE

Summary HTTP 52 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 12 domains to perform 52 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.lisenbyretirement.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 27th 2021. Valid for: a year.

This is the only time www.lisenbyretirement.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	134.209.136.174 134.209.136.174	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
9	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
6	2a00:1450:400... 2a00:1450:400e:811::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
52	14

14 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lisenbyretirement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.136.174 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

ckeckstatus.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400e:811::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	347 KB
14	lisenbyretirement.com www.lisenbyretirement.com	85 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	34 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 28691	2 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	gstatic.com fonts.gstatic.com	98 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2926	69 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	39 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8832	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	652 B
1	ckeckstatus.biz ckeckstatus.biz — Cisco Umbrella Rank: 339083	13 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
52	12

	Domain	Requested by
14	www.lisenbyretirement.com	www.lisenbyretirement.com
9	pagead2.googlesyndication.com	www.lisenbyretirement.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	mc.yandex.com	2 redirects www.lisenbyretirement.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	mc.yandex.ru	1 redirects www.lisenbyretirement.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ckeckstatus.biz	www.lisenbyretirement.com
1	fonts.googleapis.com	www.lisenbyretirement.com
52	14

This site contains links to these domains. Also see Links.

Domain
wp-puzzle.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-27` - `2022-08-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
pushstatus.biz R3	`2022-01-13` - `2022-04-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.lisenbyretirement.com/
Frame ID: F0622BDD75719C40A601783587CCB267
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220301/r20190131/zrt_lookup.html
Frame ID: FC22508CC0DE74092BA3A53A500879E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6447840350277549&output=html&adk=1812271804&adf=1573534164&lmt=1646331113&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lisenbyretirement.com%2F%2317&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646331113746&bpp=3&bdt=157&idt=89&shv=r20220301&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1804090654035&frm=20&pv=2&ga_vid=1624199815.1646331114&ga_sid=1646331114&ga_hid=726741921&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531397%2C44750773%2C44752536%2C31065447&oid=2&pvsid=3877454752450605&pem=173&tmod=518677086&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=101
Frame ID: 298EE62DAD4B8A773CE981BC51A4F034
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6447840350277549&output=html&h=600&slotname=3170762745&adk=1751338581&adf=1175018886&pi=t.ma~as.3170762745&w=300&fwrn=4&fwrnh=100&lmt=1646331113&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.lisenbyretirement.com%2F%2317&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646331113749&bpp=3&bdt=160&idt=100&shv=r20220301&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1804090654035&frm=20&pv=1&ga_vid=1624199815.1646331114&ga_sid=1646331114&ga_hid=726741921&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531397%2C44750773%2C44752536%2C31065447&oid=2&pvsid=3877454752450605&pem=173&tmod=518677086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5FubekaWOg&p=https%3A//www.lisenbyretirement.com&dtd=106
Frame ID: C42D5A127323829FFF176350F5222971
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 292D7BE31BFCE5F30FD68AFF9E5AD034
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js
Frame ID: BD602533DDB8DD80DCDAB6E66F5F6C01
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 84B066B11027B0C6A88F7C0EA5E8519E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 942E98220B4EFA51EE4D0F093AE6E09C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pension info - everything about pension

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

52
Requests

94 %
HTTPS

85 %
IPv6

12
Domains

14
Subdomains

14
IPs

5
Countries

688 kB
Transfer

1591 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wp-puzzle.com/
Title: WP Puzzle

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9566.UbkPgnKpVFXRrUGt9t5j8S7uMGFiPqrXruLJgWKzlo1nodTl1z5aSshGyM6HKiZf.hxSZ4mqOhPKLj5ZCXsfHmcRg-CI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9566.-fj9EJ3qCZ2XZI5oVchkbur5HQT9qWLsXPRQ1dJYP7Cax98A0VM4MGpRucv0YJmuiBEqq_clrIe3M5WeBdYiQA%2C%2C.59XDLy7o5tVnY8nsTjFEXRlHxSY%2C

Request Chain 32

https://mc.yandex.com/watch/67723162?wmode=7&page-url=https%3A%2F%2Fwww.lisenbyretirement.com%2F%2317&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A406%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A728662725695%3Ahid%3A305084385%3Az%3A0%3Ai%3A20220303181153%3Aet%3A1646331114%3Ac%3A1%3Arn%3A454625195%3Arqn%3A1%3Au%3A1646331114697268801%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646331113298%3Ads%3A0%2C26%2C262%2C37%2C0%2C0%2C%2C89%2C6%2C%2C%2C%2C415%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646331114%3At%3APension%20info%20-%20everything%20about%20pension&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/67723162/1?wmode=7&page-url=https%3A%2F%2Fwww.lisenbyretirement.com%2F%2317&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A406%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A728662725695%3Ahid%3A305084385%3Az%3A0%3Ai%3A20220303181153%3Aet%3A1646331114%3Ac%3A1%3Arn%3A454625195%3Arqn%3A1%3Au%3A1646331114697268801%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646331113298%3Ads%3A0%2C26%2C262%2C37%2C0%2C0%2C%2C89%2C6%2C%2C%2C%2C415%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646331114%3At%3APension%20info%20-%20everything%20about%20pension&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 43

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

52 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.lisenbyretirement.com/ 56 KB
16 KB 288ms
262ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lisenbyretirement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.25
Resource Hash: b09230ba7ade38bc62a838785ba1eee6a551a060019bdbb9aa55af31f9cf18e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://www.lisenbyretirement.com/wp-json/>; rel="https://api.w.org/"
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fzf%2BJEhDiuLBCcuiD6lzQOY%2FEbFXMaOoDKBFRfep0z1b18wlO5dHbzoaYGwLUt0Y1Q7se4WQXtguMfsUNXUAdmMdflmOGBTBlw1Ff%2Fe6ooCxZDJjVO6yEjsdjLM3qoqjVYvotx0AGgDqf%2Fu09%2B38m2W5pg2fkey3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e64565248129b5e-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 widget.css
www.lisenbyretirement.com/wp-content/plugins/yet-another-related-posts-plugin/style/ 623 B
596 B 26ms
22ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lisenbyretirement.com/wp-content/plugins/yet-another-related-posts-plugin/style/widget.css?ver=4.9.19
Requested by: Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc73d188090ccf54462917db72c1cc11fc803e1ef26b1ef397d542690bed3fdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23127
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Sep 2020 09:30:40 GMT
server: cloudflare
etag: W/"5f71ad40-26f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YK57MdaLr%2FYtz8CvnS%2BNVFROMbbuZbiR29WuY9DHMt29JiIuoAErql4qQaqfDZzCmkPzv4bGqHxPMRL%2B3GxHtfcRZZYe%2FXa52X7Nyx5xTX9rOdrd0VSt6TjAE1nLPnFLQwfaYauFHpLGlcHAqu0djqo7wrqTNAUR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6e6456541c239b5e-FRA
expires: Thu, 10 Mar 2022 11:46:26 GMT

GET
H2 200 postratings-css.css
www.lisenbyretirement.com/wp-content/plugins/wp-postratings/css/ 1 KB
900 B 33ms
29ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lisenbyretirement.com/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.89
Requested by: Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 177051
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Sep 2020 09:30:40 GMT
server: cloudflare
etag: W/"5f71ad40-549"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Lpj1npw0Rynn3b0%2BigvL7ax0%2BjH6Urv9RQsW0PB2Mxt8azKtLmb6slvOa6TzFibgaWbDGxckObwiGjT7dPRguli%2BYmmNXU8SWU7zWgGFuciLNSL%2F4HFZzyIqYDvKUHkDvLfosVkj00nPpvIHtFOalCYBw2WtTqQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6e6456541c259b5e-FRA
expires: Tue, 08 Mar 2022 17:01:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 45ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%7COpen+Sans%3A400%2C400italic%2C700%2C700italic&subset=latin%2Ccyrillic&ver=1

Requested by

Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

14caf2d0fa99e64b1c4d1404febcb9db8c02b97d4150de66d2363bf2222016ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 16:39:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 03 Mar 2022 18:11:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Mar 2022 18:11:53 GMT

GET
H2 200 style.css
www.lisenbyretirement.com/wp-content/themes/basic/ 29 KB
8 KB 20ms
17ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lisenbyretirement.com/wp-content/themes/basic/style.css?ver=1
Requested by: Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7fba81a4510be9fe7ad6dc107aeda80a76b4841016f4a80e64975650942112b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 521451
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Sep 2020 09:30:40 GMT
server: cloudflare
etag: W/"5f71ad40-73b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBO2wYqsLMQ7%2FV3XsUKFlc6r6zlcVVODv144zaM02XYoWm5nELHPfJZsxsaA6iTkFLFaU8dgZ9A%2FWnClzNzFWQb8rdxSw9WmGj7KIX3WSwmADOD09xLnk8hXN%2BminutZQq6w%2B43dSxMAix3VVGlbqVSWiRV4bEkz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6e6456541c269b5e-FRA
expires: Fri, 04 Mar 2022 17:21:02 GMT

GET
H2 200 jquery.js Show response
www.lisenbyretirement.com/wp-includes/js/jquery/ 95 KB
34 KB 23ms
19ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lisenbyretirement.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 250815
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Sep 2020 09:30:40 GMT
server: cloudflare
etag: W/"5f71ad40-17a6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDZaNoymoa%2FY6tLBJ%2FgBiwZXUN4eY4jhPxCTkb0NYuYwmeGWcPmxB8B4CWDROpi1LFUDdjCLl5obuV68t1%2Fzoszdv9qXCO%2FvK%2FPWufhWmkjoeUTZM7Xd7I9tcZLJqQxDuXMi%2F5bCADMiktFgwYliwHSmsDaq5MSJ"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 6e6456541c279b5e-FRA
expires: Mon, 07 Mar 2022 20:31:38 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.lisenbyretirement.com/wp-includes/js/jquery/ 10 KB
4 KB 40ms
36ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lisenbyretirement.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269186
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Sep 2020 09:30:40 GMT
server: cloudflare
etag: W/"5f71ad40-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nx1Y%2FzQCZrGEUfTCYy%2B38Guly7JcPX7CpskS49WsGvexEFWhShIngOda9CZcnLtamu1qZPXGTyxPJtAcM9VNqz1i2AJunWpXzwH3f%2FRgGBf3i2qGuZiQXyciuj8G3bFOkVW5DdwG2cOx5FzkWFCjNlWDUD%2BQVbpW"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 6e6456541c2a9b5e-FRA
expires: Mon, 07 Mar 2022 15:25:27 GMT

GET
H2 200 / Show response
ckeckstatus.biz/ 13 KB
13 KB 92ms
23ms Script
application/javascript 134.209.136.174
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://ckeckstatus.biz/?re=hbrdsytggi5ha3ddf42tsmrz

Requested by

Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

134.209.136.174 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

87b9acbd10cee79329f9e7b013c3f3c5e76e4e480d337d584a9da956dc3ade1f

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 03 Mar 2022 18:11:53 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 57ms
31ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6447840350277549

Requested by

Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61e8938e2985d53c6b8d58c1236f0c373ecf949979cce58f12ee762ec729a142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lisenbyretirement.com/
Origin: https://www.lisenbyretirement.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53922
x-xss-protection: 0
server: cafe
etag: 8181826168315279192
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Mar 2022 18:11:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 69ms
44ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3042a77c38254c835a78053f124235d0fccf6f85f465b1119f02b7f127138d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53863
x-xss-protection: 0
server: cafe
etag: 8609526076213640687
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Mar 2022 18:11:53 GMT

GET
H2 200 postratings-js.js Show response
www.lisenbyretirement.com/wp-content/plugins/wp-postratings/js/ 3 KB
1 KB 22ms
19ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lisenbyretirement.com/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.89
Requested by: Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12135
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Sep 2020 09:30:40 GMT
server: cloudflare
etag: W/"5f71ad40-d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXRj%2FSnDR0kuchwB2WG9D%2FiH0fDsLUiBEOF5VGuIZtCswgHGa%2FC4eVTHlAi3o2wUxLzJ87Xhjcn4917YVeTT96gJTLsNrq4UV%2FKPSX4xGZL76qGuhQPxS1xs3t5VHXrgunQRnMbg4uJO5vKMc%2FP0FuctgWuL50QV"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 6e6456541c2c9b5e-FRA
expires: Thu, 10 Mar 2022 14:49:38 GMT

GET
H2 200 functions.js Show response
www.lisenbyretirement.com/wp-content/themes/basic/js/ 1 KB
890 B 24ms
21ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lisenbyretirement.com/wp-content/themes/basic/js/functions.js?ver=1
Requested by: Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee5d738d637e6ae6e5f7683fa41aadc91e1b9ff9e722d474f2192c66dc955925

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23126
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Sep 2020 09:30:40 GMT
server: cloudflare
etag: W/"5f71ad40-52b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mu3LOjiaXpLZ%2BYAHN9Aus5%2Bk7oF1aW99NRQdC2lC59%2BhuoDRLvZXMLmIQplvBopN1d5rBnBJPgFkp57dcsekdviFXiowMEA1bXDcIAZs2YZjGboisi3UCC9J8U%2BR%2FCHVe4SR%2Fya7N38K4kBD95lSekm88Kl9q1f"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 6e6456541c2d9b5e-FRA
expires: Thu, 10 Mar 2022 11:46:26 GMT

GET
H2 200 q2w3-fixed-widget.min.js Show response
www.lisenbyretirement.com/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
2 KB 39ms
36ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lisenbyretirement.com/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.9
Requested by: Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 408418
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 07 Jan 2021 09:01:20 GMT
server: cloudflare
etag: W/"5ff6cde0-1108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jao4IGZrll%2FEkzSaKLgldjxCweOAA20O2o3hmqa9oKFJraK%2Bo6oO6uSPF%2FQFf82lrrJiExkRlA%2FpDkA6uS7Fa%2FK0qfEW%2BnKwAjiF3Bmd0vdG3ztC344AnwSbQDNPytIO2N2kp5KsTxhRPNG4gcqKnp1chSvPJJPP"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 6e6456541c2f9b5e-FRA
expires: Sun, 06 Mar 2022 00:44:55 GMT

GET
H2 200 wp-embed.min.js Show response
www.lisenbyretirement.com/wp-includes/js/ 1 KB
1 KB 25ms
23ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lisenbyretirement.com/wp-includes/js/wp-embed.min.js?ver=4.9.19
Requested by: Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 408418
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Apr 2021 00:14:43 GMT
server: cloudflare
etag: W/"6078d6f3-56f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lao%2FDfqVszqY3qFArr%2BZAZTar3LyckS%2F9KV5hFqlrV%2BxbuFwojuzbRW3lyG3glOoy7HoajKGB7W%2Fiiu0Rvu2OY%2FPZAiF3V%2Fij425%2FrCYf1Hq2HCUXPUrjj1pDkNbzjTDwO%2FywO1oABSB1p35CWa5A6JG9tgs0EM%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 6e6456541c3d9b5e-FRA
expires: Sun, 06 Mar 2022 00:44:55 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.lisenbyretirement.com/wp-includes/js/ 12 KB
5 KB 47ms
47ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lisenbyretirement.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.19
Requested by: Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 354796
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Apr 2021 00:14:43 GMT
server: cloudflare
etag: W/"6078d6f3-2ea7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5AIz%2BJtNTdXxWWvjr%2Fqa3ufrFmPtXApW50zy3rH0QK%2BvywoitTR%2B47en7WmPQopluG6MvH%2BFrxcUiQTGV1EucNfWWBVsfhKt29h0yhbSUkZfMQFZ419D1JJ0px2p2msjq4Shf7xYrhYV0TrfqBb5ntq%2FI63l%2BP%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
cf-ray: 6e64565488e0839c-MXP
expires: Sun, 06 Mar 2022 15:38:37 GMT

GET
H3 200 lazyload.min.js Show response
www.lisenbyretirement.com/wp-content/plugins/rocket-lazy-load/assets/js/12.0/ 5 KB
3 KB 143ms
143ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lisenbyretirement.com/wp-content/plugins/rocket-lazy-load/assets/js/12.0/lazyload.min.js
Requested by: Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 28 Sep 2020 09:30:40 GMT
server: cloudflare
etag: W/"5f71ad40-15d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCLdmCWxUq4wndbHSNeiCnVCCQ63SYL8AbMF41C80h4vb%2BE8zIPTTbnsOwsus4%2Frb%2FdPTv2If%2F9opRhEFDjF806WA6B9wAX4MLOAc4EtYpRHwBPdE1C%2Bh1uChzz%2Ba0%2B5zD8%2Fi929Vond8wYzh5XviD6imiKL5Zih"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e64565488e9839c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 10 Mar 2022 18:11:53 GMT

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eb677ff632aae24e700d06662bdc24c74587fe63d27f506666a1d6922ad64f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v16/ 29 KB
29 KB 44ms
18ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v16/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%7COpen+Sans%3A400%2C400italic%2C700%2C700italic&subset=latin%2Ccyrillic&ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.lisenbyretirement.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:43:14 GMT
x-content-type-options: nosniff
age: 80919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29492
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:43:14 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 47ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%7COpen+Sans%3A400%2C400italic%2C700%2C700italic&subset=latin%2Ccyrillic&ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.lisenbyretirement.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 156406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Mar 2023 22:45:07 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v28/ 24 KB
25 KB 14ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%7COpen+Sans%3A400%2C400italic%2C700%2C700italic&subset=latin%2Ccyrillic&ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.lisenbyretirement.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 156256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:00:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Mar 2023 22:47:37 GMT

GET
H3 200 rating_over.gif
www.lisenbyretirement.com/wp-content/plugins/wp-postratings/images/stars/ 523 B
1 KB 35ms
35ms Image
image/gif 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lisenbyretirement.com/wp-content/plugins/wp-postratings/images/stars/rating_over.gif
Requested by: Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71348f4f38512af6e6ba8062fe5545a783f91d1a07bcb300c246f1bad9b0d4b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102018
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 523
last-modified: Mon, 28 Sep 2020 09:30:40 GMT
server: cloudflare
etag: "5f71ad40-20b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beKKZhbHVGj8mB1nU1DN4AdsnLc%2FNutAhkr0xpJZuLwqeS9BnRBLn3BLGDYgjbVy7tDb%2BABkLAd0LESprlH1xeU2FVsc1F8UnMF0FzS%2BWVWNFHYFOhDXLxielxro50lsTCYIAkjvP%2BNuocj13FkPkGDoimGR0os9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e645654b959839c-MXP
expires: Fri, 01 Apr 2022 13:51:34 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 199 KB
68 KB 159ms
77ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

3f220f3495c96b51b282b05e390230202c948611867f2841cdf8ac30f7fdd427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
content-encoding: br
last-modified: Fri, 18 Feb 2022 11:36:57 GMT
etag: "620f5aa9-10fdc"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69596
expires: Thu, 03 Mar 2022 19:11:53 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203020101/ 291 KB
105 KB 56ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6447840350277549&plah=www.lisenbyretirement.com&bust=31065447

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6447840350277549

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e2a117c565fa048515446bcba594322f5a253942fab5f160f0ae63733a62deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107379
x-xss-protection: 0
server: cafe
etag: 12263253900160264268
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 03 Mar 2022 18:11:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220301/r20190131/ Frame FC22 10 KB
5 KB 45ms
15ms Document
text/html 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220301/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6447840350277549

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Thu, 03 Mar 2022 00:52:03 GMT
expires: Thu, 17 Mar 2022 00:52:03 GMT
cache-control: public, max-age=1209600
age: 62390
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET rpJJdihz.js
www.lisenbyretirement.com/ Frame 0
0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 225 B
652 B 66ms
22ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.lisenbyretirement.com&callback=_gfp_s_&client=ca-pub-6447840350277549

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6447840350277549&plah=www.lisenbyretirement.com&bust=31065447

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

bc692b6fd5ac3d84160f317148a0bfebb3a74044b00622318895913784ca2661

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 208
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 63ms
23ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.lisenbyretirement.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Mar 2022 18:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 62ms
23ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.lisenbyretirement.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Mar 2022 18:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 298E 0
19 B 141ms
124ms Document
text/html 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6447840350277549&output=html&adk=1812271804&adf=1573534164&lmt=1646331113&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lisenbyretirement.com%2F%2317&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646331113746&bpp=3&bdt=157&idt=89&shv=r20220301&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1804090654035&frm=20&pv=2&ga_vid=1624199815.1646331114&ga_sid=1646331114&ga_hid=726741921&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531397%2C44750773%2C44752536%2C31065447&oid=2&pvsid=3877454752450605&pem=173&tmod=518677086&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=101

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 03 Mar 2022 18:11:53 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 03 Mar 2022 18:11:53 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C42D 73 KB
29 KB 428ms
418ms Document
text/html 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6447840350277549&output=html&h=600&slotname=3170762745&adk=1751338581&adf=1175018886&pi=t.ma~as.3170762745&w=300&fwrn=4&fwrnh=100&lmt=1646331113&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.lisenbyretirement.com%2F%2317&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646331113749&bpp=3&bdt=160&idt=100&shv=r20220301&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1804090654035&frm=20&pv=1&ga_vid=1624199815.1646331114&ga_sid=1646331114&ga_hid=726741921&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531397%2C44750773%2C44752536%2C31065447&oid=2&pvsid=3877454752450605&pem=173&tmod=518677086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5FubekaWOg&p=https%3A//www.lisenbyretirement.com&dtd=106

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aafa92bcc76b5e708317e046c4e0e7e84910126f2fb4160a00082a98c5533f2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 03 Mar 2022 18:11:54 GMT
server: cafe
content-length: 29388
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 03 Mar 2022 18:11:54 GMT
cache-control: private

GET
H3 200 pension-icon-e1601286702102.jpg
www.lisenbyretirement.com/wp-content/uploads/2020/09/ 7 KB
8 KB 52ms
52ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lisenbyretirement.com/wp-content/uploads/2020/09/pension-icon-e1601286702102.jpg
Requested by: Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6580342135a05fdb45d0ada2802205e19256ee4d4e321dde4b9a03466bde8c1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 877243
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7138
last-modified: Mon, 28 Sep 2020 09:51:42 GMT
server: cloudflare
etag: "5f71b22e-1be2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cizev0iTmN7j8BQHKkK5V5aDX8fqHmnKkDXPW%2B3zV%2Bp7ROw9Ma8D7ch4LKFAqXQjP9LdvwBwiGObHgkHHjZRxVD8l5b7fT56JlvBEhgdguSiD09nmz3WD%2BhUhdJeiP0xjm1eNt1yZ%2FdW6TWe%2FhTCdEbU1By5%2Fcsm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6e645655ac18839c-MXP
expires: Wed, 23 Mar 2022 14:31:10 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9566.UbkPgnKpVFXRrUGt9t5j8S7uMGFiPqrXruLJgWKzlo1nodTl1z5aSshGyM6HKiZf.hxSZ4mqOhPKLj5ZCXsfHmcRg-CI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9566.-fj9EJ3qCZ2XZI5oVchkbur5HQT9qWLsXPRQ1dJYP7Cax98A0VM4MGpRucv0YJmuiBEqq_clrIe3M5WeBdYiQA%2C%2C.59XDLy7o5tVnY8nsTjFEXRlHxSY%2C

75 B
75 B

39ms
39ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9566.-fj9EJ3qCZ2XZI5oVchkbur5HQT9qWLsXPRQ1dJYP7Cax98A0VM4MGpRucv0YJmuiBEqq_clrIe3M5WeBdYiQA%2C%2C.59XDLy7o5tVnY8nsTjFEXRlHxSY%2C

Requested by

Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:54 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9566.-fj9EJ3qCZ2XZI5oVchkbur5HQT9qWLsXPRQ1dJYP7Cax98A0VM4MGpRucv0YJmuiBEqq_clrIe3M5WeBdYiQA%2C%2C.59XDLy7o5tVnY8nsTjFEXRlHxSY%2C
date: Thu, 03 Mar 2022 18:11:54 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
160 B 40ms
40ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:54 GMT
last-modified: Fri, 18 Feb 2022 11:36:57 GMT
etag: "620f5aa9-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 03 Mar 2022 19:11:54 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/67723162/
Redirect Chain

https://mc.yandex.com/watch/67723162?wmode=7&page-url=https%3A%2F%2Fwww.lisenbyretirement.com%2F%2317&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A406%3Afu%3A0%3A...
https://mc.yandex.com/watch/67723162/1?wmode=7&page-url=https%3A%2F%2Fwww.lisenbyretirement.com%2F%2317&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A406%3Afu%3A0%...

338 B
420 B

39ms
38ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/67723162/1?wmode=7&page-url=https%3A%2F%2Fwww.lisenbyretirement.com%2F%2317&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A406%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A728662725695%3Ahid%3A305084385%3Az%3A0%3Ai%3A20220303181153%3Aet%3A1646331114%3Ac%3A1%3Arn%3A454625195%3Arqn%3A1%3Au%3A1646331114697268801%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646331113298%3Ads%3A0%2C26%2C262%2C37%2C0%2C0%2C%2C89%2C6%2C%2C%2C%2C415%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646331114%3At%3APension%20info%20-%20everything%20about%20pension&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

2ffa247841b205b33cf87bc1975e54f434e1074e741fd5bbebe28e634763edd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 18:11:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 03-Mar-2022 18:11:54 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.lisenbyretirement.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Thu, 03-Mar-2022 18:11:54 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Mar 2022 18:11:54 GMT
last-modified: Thu, 03-Mar-2022 18:11:54 GMT
location: /watch/67723162/1?wmode=7&page-url=https%3A%2F%2Fwww.lisenbyretirement.com%2F%2317&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A406%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A728662725695%3Ahid%3A305084385%3Az%3A0%3Ai%3A20220303181153%3Aet%3A1646331114%3Ac%3A1%3Arn%3A454625195%3Arqn%3A1%3Au%3A1646331114697268801%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646331113298%3Ads%3A0%2C26%2C262%2C37%2C0%2C0%2C%2C89%2C6%2C%2C%2C%2C415%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646331114%3At%3APension%20info%20-%20everything%20about%20pension&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.lisenbyretirement.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 03-Mar-2022 18:11:54 GMT

GET
H2 200 10163362101830626480
tpc.googlesyndication.com/daca_images/simgad/ Frame C42D 59 KB
59 KB 35ms
10ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10163362101830626480

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6447840350277549&output=html&h=600&slotname=3170762745&adk=1751338581&adf=1175018886&pi=t.ma~as.3170762745&w=300&fwrn=4&fwrnh=100&lmt=1646331113&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.lisenbyretirement.com%2F%2317&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646331113749&bpp=3&bdt=160&idt=100&shv=r20220301&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1804090654035&frm=20&pv=1&ga_vid=1624199815.1646331114&ga_sid=1646331114&ga_hid=726741921&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531397%2C44750773%2C44752536%2C31065447&oid=2&pvsid=3877454752450605&pem=173&tmod=518677086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5FubekaWOg&p=https%3A//www.lisenbyretirement.com&dtd=106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2087f5f94ddede08453f291622603baf1947eefd9265eff5e6cc0914f2a3c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 05:03:09 GMT
x-content-type-options: nosniff
age: 220125
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60483
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 23:36:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Mar 2023 05:03:09 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/ Frame C42D 19 KB
8 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7872
x-xss-protection: 0
server: cafe
etag: 15461303091586157378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 18:11:05 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame C42D 2 KB
1 KB 29ms
10ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 18:11:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C42D 124 KB
39 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Mar 2022 18:11:54 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame C42D 15 KB
7 KB 28ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 18:03:52 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame C42D 28 KB
12 KB 47ms
28ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4b04166b6e23095feb89427b395cff80036ef313d35ca34e3b4d2ca6c5ef32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 16:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11811
x-xss-protection: 0
server: cafe
etag: 8908131998612474304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 16:20:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C42D 0
0 31ms
31ms Fetch
text/html 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cy6_36QQhYq-INoXz3wPj5LeQBqj7_6ZoyKLrnKUO3dkeEAEgjt34jgFgleKQgqAHoAGbiNGfA8gBAqkCHpBcRpiUsj6oAwHIA8kEqgTbAU_QY1EqaOhhyy5rnol18iziHOI4RhPR3lfgrvOeZSYWv03S7wSsDiBIMqorK24PKDoRZdMrZ0L8-kce7LTE5B8zigOZiuTGNjmYs0TNY_7CRvjopjiN471RuE1Br-7LjIG4p0-KpyOIjxXxlS1x84fPAX0UuzGcr-dbxhF-e9B4X4xu8KMEKEtLzHPWuJFubJ-YIbxe7j4UdepUHvIAKRvK_cotgngHLRySiSwyv95H7nng6reny8dOWXa1d-i3OVP16kZep00H5bFFQN-aN6g1OKQ3_idZxqO0LsAE3JLBq9gDkgUECAQYAZIFBAgFGASgBgKAB833rmCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDAqjLSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNjQ0Nzg0MDM1MDI3NzU0ORgA&sigh=1D5oddBeFyg&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6447840350277549&output=html&h=600&slotname=3170762745&adk=1751338581&adf=1175018886&pi=t.ma~as.3170762745&w=300&fwrn=4&fwrnh=100&lmt=1646331113&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.lisenbyretirement.com%2F%2317&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646331113749&bpp=3&bdt=160&idt=100&shv=r20220301&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1804090654035&frm=20&pv=1&ga_vid=1624199815.1646331114&ga_sid=1646331114&ga_hid=726741921&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531397%2C44750773%2C44752536%2C31065447&oid=2&pvsid=3877454752450605&pem=173&tmod=518677086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5FubekaWOg&p=https%3A//www.lisenbyretirement.com&dtd=106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 03 Mar 2022 18:11:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 03 Mar 2022 18:11:54 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 292D 143 B
163 B 14ms
13ms Document
text/html 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6447840350277549&output=html&h=600&slotname=3170762745&adk=1751338581&adf=1175018886&pi=t.ma~as.3170762745&w=300&fwrn=4&fwrnh=100&lmt=1646331113&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fwww.lisenbyretirement.com%2F%2317&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646331113749&bpp=3&bdt=160&idt=100&shv=r20220301&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1804090654035&frm=20&pv=1&ga_vid=1624199815.1646331114&ga_sid=1646331114&ga_hid=726741921&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C42531397%2C44750773%2C44752536%2C31065447&oid=2&pvsid=3877454752450605&pem=173&tmod=518677086&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5FubekaWOg&p=https%3A//www.lisenbyretirement.com&dtd=106

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Thu, 03 Mar 2022 17:14:40 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 3434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C42D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b26dab2428c5704828041405f4e0a719a4955290dac64222142c87e03c9389c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 51ms
36ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220301&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de97d0b070a3997117994a196e39268da6d661fab92554435f9ce4c92c950f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Mar 2022 18:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10496
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 292D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

55ms
55ms

Document
text/html

2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 03 Mar 2022 18:11:54 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 03 Mar 2022 18:11:54 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 03 Mar 2022 18:11:54 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame BD60 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eac3d9fc43b6605105da784caa95081f4a8896bd854bcca8a5e282cbd7e3ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 17:50:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13737
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 17:50:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 104ms
87ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Mar 2022 18:11:54 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 84B0 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Mar 2022 17:50:51 GMT
expires: Fri, 03 Mar 2023 17:50:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1263
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 942E 783 B
535 B 34ms
17ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

673b59256bfcc0e96b27167fc21ba7e682c3816fea574e6126c777eae926f922

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jJq88n9Jyul3j4kE+b4uIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 03 Mar 2022 18:11:54 GMT
date: Thu, 03 Mar 2022 18:11:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-jJq88n9Jyul3j4kE+b4uIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 84B0 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eac3d9fc43b6605105da784caa95081f4a8896bd854bcca8a5e282cbd7e3ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 17:50:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13737
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 17:50:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 942E 0
0 75ms
75ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220301&jk=3877454752450605&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 84B0 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yjyZ7Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:11:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220301&jk=3877454752450605&bg=!IiGlIWXNAAYFuXAgBbk7ACkAdvg8WlX2TS3S0YICE-reb3RtHChWGwPjmzM1z27xBuadnaRe2x7F2AIAAABaUgAAAANoAQeZAr2dy6MHIXzRcXdMFWeqhR0-AR5Dzmv0jaj-8ta6nGafs_PLJkkEfmaK8mTRtDPF0f5Gh6xPeZLECA3c9p5egUE0dbhFZYXyoJ6RaXZTytCmsgo_nkII2sF-eS1cVUW7oZFVQrwX7r-eL64Z3EBn33UHF3SfQS3i7zyBj-zT68_JbQmzagyi_jkH0Ky5sYsamfujZgJmcny7cF4STp3aawiGEtp0xZdpPcWGLV3IdQi6xSotIlNHxqw3ELhovyqO9QcTmeSqA5Aw9ranl-rorM5cIxKXC8TkIxM4O2krWAhQS_MkVeTtCy0uF6y-dadReuWWAufH6mbl3dJvLtlMHBWzRpbMGLzw3uZDo9x59LgACon2k4WZm07EgLfgbBKmDeeL9usOBuGbuiEy5k4bnWYLq6aFctg4VlMQWIEtJF_FZvYMOmnQd01-g4Lh7dGa5kksBdKkFT5apL9Y3EYYlS6lrrbeWjg-JPu4LJPgSiTWRAvVFMIh1D3Wv4o5iv0b08mZLn0_p4Ut0LWjFmMAv_azRbp10gzS_rsKOyDuZRQ2TPJC5c2T1w9wwDG_yKlPR2T2pMJYAMuZu6aY6cFPJh_Wmv7SmZWI80wtb5pSDW4XNW0vWTy3P-cNzz326qZGQsUiXFx2A4FASdKd1Jt_yBxxUI5fogfo5-e2UkPxrFTc10IfbgacXwAY0tar2hwVSx6Y3ZkBqCPYCyyBSwL0u8uxMLrDk-UM2SkdaxI15ur1kIgpusMyCsft7eUzqActQ7VlO0HhrkuoHHlYi6LatrbYYWRu0ZS3QFZ2QLZPgVEAJ-SrlZmhWagZc5bYkTSxmvzMnTcI3d2lROR3wwx6Zeg9VCi90otN94al-NzHAR0U8Oo3SNRpMEMYGNeY63NC60mHxv4Zir9jMn6RcUl3WhqdIsKmaDlX5oaA1OvuKA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lisenbyretirement.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 18:11:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C42D 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRb7OQwvdWor4POCezY3DbDX9GKR19YyByTQK7OLhgYeKguEA5Xdo6cHJFNUHLU6n1YjEJIp6Z2oQcKbMH9FS6egl0WAI9GGuyM9OvzxU4KQdSA9MByg&sai=AMfl-YSAd1wTlpQbDo45FqvQnx8KlvqWHYMUej09mGv-4iKTGvQaUfgC4K6YRph8SwKSu8aL4zeUoja9J3Uq&sig=Cg0ArKJSzBDX-Im8lgJiEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220302&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1751338581&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646331113856&rpt=560&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 18:11:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.lisenbyretirement.com
URL: https://www.lisenbyretirement.com/rpJJdihz.js

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.lisenbyretirement.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: bd1488b4742b725592bb3b576e78998d
.ckeckstatus.biz/	1970-01-20 02:02:03	Name: uuid Value: 65b2ee55-ff2e-4215-9159-45aa28ceaffc
.lisenbyretirement.com/	1970-01-20 10:40:27	Name: __gads Value: ID=12ffbea9c456abad-22e63a6050cd0090:T=1646331113:RT=1646331113:S=ALNI_MZdx5FOCqIXiSicquHEzPzVVE_X7A
.lisenbyretirement.com/	1970-01-20 10:04:27	Name: _ym_uid Value: 1646331114697268801
.lisenbyretirement.com/	1970-01-20 10:04:27	Name: _ym_d Value: 1646331114
.mc.yandex.com/	1970-01-20 01:18:51	Name: sync_cookie_csrf Value: 3080519960fake
.lisenbyretirement.com/	1970-01-20 01:20:03	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 01:18:51	Name: sync_cookie_csrf Value: 4278532769fake
.yandex.com/	1970-01-20 10:04:27	Name: yandexuid Value: 188558301646331114
.yandex.com/	1970-01-20 10:04:27	Name: yuidss Value: 188558301646331114
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1377684231646331114
.yandex.com/	1970-01-23 16:54:51	Name: i Value: eZb6c2KlJ7VACk7JxZyOucyLBb0SAuLHXxJBXcSvvgeNxZey4zr0GmICKV7Qmsl8XlhXzDyg8ThG8E0RT6FxS5BVugA=
.yandex.com/	1970-01-20 10:04:27	Name: ymex Value: 1677867114.yrts.1646331114#1677867114.yrtsi.1646331114
.doubleclick.net/	1970-01-20 10:40:27	Name: IDE Value: AHWqTUnmjcKXZimQ0eDFswn5Igj6tRBtzqTdbanf3FYT-0nWp4zXbv7i5OFI439C_ts
.doubleclick.net/	1970-01-20 01:18:54	Name: DSID Value: NO_DATA
www.lisenbyretirement.com/	1969-12-31 23:59:59	Name: flat_r_mb Value: %2F%2F%2F%3Adirect

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9566.-fj9EJ3qCZ2XZI5oVchkbur5HQT9qWLsXPRQ1dJYP7Cax98A0VM4MGpRucv0YJmuiBEqq_clrIe3M5WeBdYiQA%2C%2C.59XDLy7o5tVnY8nsTjFEXRlHxSY%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ckeckstatus.biz
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.lisenbyretirement.com
www.lisenbyretirement.com
134.209.136.174
142.250.185.226
2a00:1450:4001:800::200a
2a00:1450:4001:802::2001
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2003
2a00:1450:400e:811::2002
2a02:6b8::1:119
2a06:98c1:3120::7
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
14caf2d0fa99e64b1c4d1404febcb9db8c02b97d4150de66d2363bf2222016ac
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
1eb677ff632aae24e700d06662bdc24c74587fe63d27f506666a1d6922ad64f9
2087f5f94ddede08453f291622603baf1947eefd9265eff5e6cc0914f2a3c6cd
2ffa247841b205b33cf87bc1975e54f434e1074e741fd5bbebe28e634763edd6
3e2a117c565fa048515446bcba594322f5a253942fab5f160f0ae63733a62deb
3f220f3495c96b51b282b05e390230202c948611867f2841cdf8ac30f7fdd427
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e8938e2985d53c6b8d58c1236f0c373ecf949979cce58f12ee762ec729a142
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
6580342135a05fdb45d0ada2802205e19256ee4d4e321dde4b9a03466bde8c1b
673b59256bfcc0e96b27167fc21ba7e682c3816fea574e6126c777eae926f922
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
71348f4f38512af6e6ba8062fe5545a783f91d1a07bcb300c246f1bad9b0d4b6
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
87b9acbd10cee79329f9e7b013c3f3c5e76e4e480d337d584a9da956dc3ade1f
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9eac3d9fc43b6605105da784caa95081f4a8896bd854bcca8a5e282cbd7e3ab4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7fba81a4510be9fe7ad6dc107aeda80a76b4841016f4a80e64975650942112b
aafa92bcc76b5e708317e046c4e0e7e84910126f2fb4160a00082a98c5533f2c
b09230ba7ade38bc62a838785ba1eee6a551a060019bdbb9aa55af31f9cf18e8
b26dab2428c5704828041405f4e0a719a4955290dac64222142c87e03c9389c3
bc692b6fd5ac3d84160f317148a0bfebb3a74044b00622318895913784ca2661
bc73d188090ccf54462917db72c1cc11fc803e1ef26b1ef397d542690bed3fdf
c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc
c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494
d3042a77c38254c835a78053f124235d0fccf6f85f465b1119f02b7f127138d4
d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b
de97d0b070a3997117994a196e39268da6d661fab92554435f9ce4c92c950f20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee5d738d637e6ae6e5f7683fa41aadc91e1b9ff9e722d474f2192c66dc955925
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4b04166b6e23095feb89427b395cff80036ef313d35ca34e3b4d2ca6c5ef32d
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

www.lisenbyretirement.com Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

94 %HTTPS

85 %IPv6

12 Domains

14 Subdomains

14 IPs

5 Countries

688 kBTransfer

1591 kBSize

16 Cookies

1 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.lisenbyretirement.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

94 %
HTTPS

85 %
IPv6

12
Domains

14
Subdomains

14
IPs

5
Countries

688 kB
Transfer

1591 kB
Size

16
Cookies

52 HTTP transactions
2 data transactions