Submitted URL: https://geneenroth.com/email/link.php?M=290179&N=1344&L=401&F=T
Effective URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Submission: On July 11 via manual from GB — Scanned from GB

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 47 HTTP transactions. The main IP is 35.190.83.183, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is retreats.geneenroth.com.
TLS certificate: Issued by GTS CA 1D4 on June 7th 2022. Valid for: 3 months.
This is the only time retreats.geneenroth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
27 geneenroth.com
geneenroth.com
retreats.geneenroth.com
2 MB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1748
q.stripe.com — Cisco Umbrella Rank: 12728
m.stripe.com — Cisco Umbrella Rank: 1533
80 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
2 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1852
18 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 gstatic.com
fonts.gstatic.com
63 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
110 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
444 B
1 rackcdn.com
aa0221779a48f78a9ad4-e74d0921b9d54a102fe371691c69d367.ssl.cf2.rackcdn.com
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
40 KB
47 10
Domain Requested by
24 retreats.geneenroth.com retreats.geneenroth.com
3 q.stripe.com retreats.geneenroth.com
3 js.stripe.com retreats.geneenroth.com
js.stripe.com
3 fonts.googleapis.com retreats.geneenroth.com
3 geneenroth.com 1 redirects retreats.geneenroth.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net retreats.geneenroth.com
connect.facebook.net
1 m.stripe.com m.stripe.network
1 stats.g.doubleclick.net www.google-analytics.com
1 aa0221779a48f78a9ad4-e74d0921b9d54a102fe371691c69d367.ssl.cf2.rackcdn.com retreats.geneenroth.com
1 www.googletagmanager.com retreats.geneenroth.com
47 13

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
www.twitter.com
www.youtube.com
Subject Issuer Validity Valid
retreats.geneenroth.com
GTS CA 1D4
2022-06-07 -
2022-09-05
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2022-05-20 -
2022-09-25
4 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-04-20 -
2022-07-19
3 months crt.sh
geneenroth.com
GTS CA 1D4
2022-06-05 -
2022-09-03
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.ssl.cf2.rackcdn.com
DigiCert SHA2 Secure Server CA
2022-01-30 -
2023-01-31
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-05-25 -
2022-09-08
4 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-11 -
2022-10-19
3 months crt.sh

This page contains 3 frames:

Primary Page: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Frame ID: 997F2579266452A3FAF35D72C7AC1FBC
Requests: 42 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Frame ID: 93CB22FC1969CAC876C5C9822FF062BA
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: F70803A61BB4894533C27A0218E1EB70
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

Geneen Roth Retreats | Geneen Roth Retreats site

Page URL History Show full URLs

  1. https://geneenroth.com/email/link.php?M=290179&N=1344&L=401&F=T HTTP 302
    https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+M... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

47
Requests

100 %
HTTPS

58 %
IPv6

10
Domains

13
Subdomains

13
IPs

3
Countries

2515 kB
Transfer

24062 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://geneenroth.com/email/link.php?M=290179&N=1344&L=401&F=T HTTP 302
    https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
retreats.geneenroth.com/may-online/
Redirect Chain
  • https://geneenroth.com/email/link.php?M=290179&N=1344&L=401&F=T
  • https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
4 KB
2 KB
Document
General
Full URL
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
d5a537fd39fc2e4ea6bd0279900a80fc68b129ad9fedde699a16094547812ad0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
1797
content-type
text/html
date
Mon, 11 Jul 2022 21:32:48 GMT
etag
"fec-5dd19cfa262c0-gzip"
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding
via
1.1 varnish-v4, 1.1 google
x-varnish
69382145

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 11 Jul 2022 21:32:48 GMT
location
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
server
Apache/2.4.38 (Debian)
via
1.1 google
x-powered-by
PHP/7.3.27
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Caveat|Roboto&display=swap
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fadfb5a34489c937bbf66d3b66ddb3e7debdd7e9a6b0ae6db35adcc62c82b453
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:32:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 11 Jul 2022 21:32:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Jul 2022 21:32:49 GMT
css
fonts.googleapis.com/
708 B
440 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato&display=swap
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76b2a103a4feac2ee3aa1bf11ce12032a38d8fa566fb95a39bcac61204811c5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:36:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 11 Jul 2022 21:32:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Jul 2022 21:32:49 GMT
css
fonts.googleapis.com/
1 KB
482 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Catamaran&display=swap
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8f1cf13d1fbfbcb4b1831048137ba581a0bc71cfd349804da20ef651745b5415
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:32:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 11 Jul 2022 21:32:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Jul 2022 21:32:49 GMT
js
www.googletagmanager.com/gtag/
103 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1367749-1
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a6ca91ea23ce771bfe6cf31f5b871b6fa1435ec3c4738e95fdcd2aed6f67d37b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:32:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40384
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:04:44 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Jul 2022 21:32:49 GMT
/
js.stripe.com/v3/
316 KB
75 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-91.fra2.r.cloudfront.net
Software
Cloudfront /
Resource Hash
96e194b10e24dc030925d3a7ac2922b19e391d83e8cf8fd5615de8ae6418f8b0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
47
x-cache
Hit from cloudfront
date
Mon, 11 Jul 2022 21:32:04 GMT
via
1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified
Fri, 08 Jul 2022 18:04:48 GMT
server
Cloudfront
etag
W/"f49971a10666cb56ba10c384d89cbc5e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
x-amz-cf-id
sJ02E9FhyTIvpovKPoSBvjlSzwY0MuFDIl0Kid_WRfzLz1zMqKzR3g==
2.67a7b24c.chunk.css
retreats.geneenroth.com/may-online/static/css/
190 KB
34 KB
Stylesheet
General
Full URL
https://retreats.geneenroth.com/may-online/static/css/2.67a7b24c.chunk.css
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
71d792919d56fb15fb080978d7bf3028b703a71d7b83849053c7945a2a0f9731

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:22:42 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
606
etag
"2f95d-5dd19cfa262c0-gzip"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish-v4, 1.1 google
cache-control
max-age=31536000
x-varnish
74090111 72985183
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34459
expires
Tue, 11 Jul 2023 21:22:42 GMT
main.498d002a.chunk.css
retreats.geneenroth.com/may-online/static/css/
344 B
375 B
Stylesheet
General
Full URL
https://retreats.geneenroth.com/may-online/static/css/main.498d002a.chunk.css
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
bb612124bc120b936f71545612ad190b16a1083970dc8fda34345e8ba13a059b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:22:42 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
606
etag
"158-5dd19cfa262c0-gzip"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish-v4, 1.1 google
cache-control
max-age=31536000
x-varnish
68418531 71443238
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
expires
Tue, 11 Jul 2023 21:22:42 GMT
2.3295bd5e.chunk.js
retreats.geneenroth.com/may-online/static/js/
852 KB
246 KB
Script
General
Full URL
https://retreats.geneenroth.com/may-online/static/js/2.3295bd5e.chunk.js
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
d50a0967a2a5e986c8418545e93171bb22ffc54a40ab022dd36b30b1f40901ca

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:22:42 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
606
etag
"d4e7b-5dd19cfa262c0-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish-v4, 1.1 google
cache-control
max-age=31536000
x-varnish
73470493 73539147
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251724
expires
Tue, 11 Jul 2023 21:22:42 GMT
main.8eef5374.chunk.js
retreats.geneenroth.com/may-online/static/js/
127 KB
43 KB
Script
General
Full URL
https://retreats.geneenroth.com/may-online/static/js/main.8eef5374.chunk.js
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
8765f9dc0aa12a3e5e44641753e72da950d5c0d07c4262e9acbc61d39d12fda6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:22:42 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
606
etag
"1fcd9-5dd19cfa262c0-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish-v4, 1.1 google
cache-control
max-age=31536000
x-varnish
73895138 65592588
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43420
expires
Tue, 11 Jul 2023 21:22:42 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
25939
x-xss-protection
0
pragma
public
x-fb-debug
qa7xTMQjBbjrn1GTG7wiSmc+IhggoG8UQCdJ+MjyfNbzNH9cHrmjOdhhRtFNCM9eynUv/Pfkf+U5g4B8xKnr4w==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Mon, 11 Jul 2022 21:32:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
May%202022%20Retreat%20NEW%20Header.68a05f27.jpeg
retreats.geneenroth.com/may-online/static/media/
113 KB
113 KB
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/May%202022%20Retreat%20NEW%20Header.68a05f27.jpeg
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
ec33129978c4774d0a2abcbf87cda3d95340c8fc131816f239460d6d539a0208

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:22:43 GMT
via
1.1 varnish-v4, 1.1 google
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
606
etag
"1c29e-5dd19cfa262c0"
content-type
image/jpeg
cache-control
max-age=31536000
x-varnish
69382148 73895055
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115358
expires
Tue, 11 Jul 2023 21:22:43 GMT
retreatvideoposter.6dbb23f0.jpg
retreats.geneenroth.com/may-online/static/media/
179 KB
179 KB
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/retreatvideoposter.6dbb23f0.jpg
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
d1ba64aec711ed1b3df6422395c2e4aae7cfaa0cdd3b65146264138486dff514

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:22:43 GMT
via
1.1 varnish-v4, 1.1 google
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
606
etag
"2cd26-5dd19cfa262c0"
content-type
image/jpeg
cache-control
max-age=31536000
x-varnish
73470495 73539149
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183590
expires
Tue, 11 Jul 2023 21:22:43 GMT
goopLogo.1686ef3d.svg
retreats.geneenroth.com/may-online/static/media/
2 KB
949 B
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/goopLogo.1686ef3d.svg
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
c0a48e2f11d2d1bf0d0377f6a22d6a4cd354520f4882b4ac191c6998866f0d04

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:32:49 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
0
etag
"794-5dd19cfa262c0-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 varnish-v4, 1.1 google
cache-control
max-age=31536000
x-varnish
70910206
accept-ranges
bytes, bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
925
expires
Tue, 11 Jul 2023 21:32:49 GMT
npr-logo.070a21ec.svg
retreats.geneenroth.com/may-online/static/media/
1001 B
555 B
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/npr-logo.070a21ec.svg
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
f706b55d047b48cadabd4fd6c3ad48a413cd96eb257f9faa0625fbdf93ab3d01

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:32:49 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
0
etag
"3e9-5dd19cfa262c0-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 varnish-v4, 1.1 google
cache-control
max-age=31536000
x-varnish
68418533
accept-ranges
bytes, bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
531
expires
Tue, 11 Jul 2023 21:32:49 GMT
nbcLogo.9a155a8c.png
retreats.geneenroth.com/may-online/static/media/
63 KB
63 KB
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/nbcLogo.9a155a8c.png
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
11e93c65b62304ea837d8acccfcd669da60f0fe696bfac91585a917e77cf57aa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:22:43 GMT
via
1.1 varnish-v4, 1.1 google
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
606
etag
"fb8f-5dd19cfa262c0"
content-type
image/png
cache-control
max-age=31536000
x-varnish
66413758 72985185
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64399
expires
Tue, 11 Jul 2023 21:22:43 GMT
oprah-winfrey-logo.2ce10c5a.png
retreats.geneenroth.com/may-online/static/media/
20 KB
20 KB
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/oprah-winfrey-logo.2ce10c5a.png
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
95c1e24fefcf26918b2941a528e584e24bec9f1368c5a9d05ca03247ffe5e761

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:22:43 GMT
via
1.1 varnish-v4, 1.1 google
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
606
etag
"511d-5dd19cfa262c0"
content-type
image/png
cache-control
max-age=31536000
x-varnish
73895140 69382091
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20765
expires
Tue, 11 Jul 2023 21:22:43 GMT
pp_icon_bullet_proof.960144ad.png
retreats.geneenroth.com/may-online/static/media/
23 KB
23 KB
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/pp_icon_bullet_proof.960144ad.png
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
1d80b2451e5415cb77121c5b8f345209e61340ea5a38ed07e3ee7fd37e6e597c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:22:43 GMT
via
1.1 varnish-v4, 1.1 google
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
606
etag
"5c30-5dd19cfa262c0"
content-type
image/png
cache-control
max-age=31536000
x-varnish
66802890 71443240
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23600
expires
Tue, 11 Jul 2023 21:22:43 GMT
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bc61e9c7193f6c528299fff6398f66f774bc494782ccdeaa03c40c9828115eb

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3d0f88af123feee032438b6acc31fa70ab49c49eb4996d02c8ca2615c8bd70d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
WhatPeopleSayPoster.e29061fd.jpg
retreats.geneenroth.com/may-online/static/media/
30 KB
31 KB
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/WhatPeopleSayPoster.e29061fd.jpg
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
0094deb7ca7739869bef8a9610047c07c5a60f33ca2fcfb0cc7398fe57cc1619

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:22:43 GMT
via
1.1 varnish-v4, 1.1 google
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
606
etag
"79e1-5dd19cfa262c0"
content-type
image/jpeg
cache-control
max-age=31536000
x-varnish
68107277 70555685
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31201
expires
Tue, 11 Jul 2023 21:22:43 GMT
GeneenGroup2.726dd2f2.jpg
retreats.geneenroth.com/may-online/static/media/
49 KB
49 KB
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/GeneenGroup2.726dd2f2.jpg
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
9df28493d457c636d041d28c08fbcc03f252856d77001e58aa5556febd6eabde

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:22:43 GMT
via
1.1 varnish-v4, 1.1 google
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
606
etag
"c4cd-5dd19cfa262c0"
content-type
image/jpeg
cache-control
max-age=31536000
x-varnish
71503150 72755145
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50381
expires
Tue, 11 Jul 2023 21:22:43 GMT
Cancer-chronicles-32-11102020-400.5a3d6170.png
retreats.geneenroth.com/may-online/static/media/
237 KB
237 KB
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/Cancer-chronicles-32-11102020-400.5a3d6170.png
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
7acc21fe896572fa247792427317aaa029503433879721212a2c8348ae872158

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:22:43 GMT
via
1.1 varnish-v4, 1.1 google
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
606
etag
"3b47b-5dd19cfa262c0"
content-type
image/png
cache-control
max-age=31536000
x-varnish
73309693 69184765
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
242811
expires
Tue, 11 Jul 2023 21:22:43 GMT
GeneenGroup6.92a137fa.jpg
retreats.geneenroth.com/may-online/static/media/
55 KB
55 KB
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/GeneenGroup6.92a137fa.jpg
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
20b07c4d013f92a2a8889b009b38899ccce038df188f35b7ea7b25771b91423c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:22:43 GMT
via
1.1 varnish-v4, 1.1 google
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
606
etag
"dda9-5dd19cfa262c0"
content-type
image/jpeg
cache-control
max-age=31536000
x-varnish
74090113 72424405
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56745
expires
Tue, 11 Jul 2023 21:22:43 GMT
instagram.f2c6427f.svg
retreats.geneenroth.com/may-online/static/media/
3 KB
1 KB
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/instagram.f2c6427f.svg
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
922c0ee08e7aee61e6ea35d4116ee2b9644326386fc1a2c56006cb21b6b8c5aa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:32:49 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
0
etag
"a7c-5dd19cfa262c0-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 varnish-v4, 1.1 google
cache-control
max-age=31536000
x-varnish
66156011
accept-ranges
bytes, bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1211
expires
Tue, 11 Jul 2023 21:32:49 GMT
facebook.07d23253.svg
retreats.geneenroth.com/may-online/static/media/
538 B
342 B
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/facebook.07d23253.svg
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:32:49 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
0
etag
"21a-5dd19cfa262c0-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 varnish-v4, 1.1 google
cache-control
max-age=31536000
x-varnish
73895141 73895142
accept-ranges
bytes, bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
318
expires
Tue, 11 Jul 2023 21:32:49 GMT
twitter.f7ea5329.svg
retreats.geneenroth.com/may-online/static/media/
758 B
483 B
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/twitter.f7ea5329.svg
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:32:49 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
0
etag
"2f6-5dd19cfa262c0-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 varnish-v4, 1.1 google
cache-control
max-age=31536000
x-varnish
66287847
accept-ranges
bytes, bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
459
expires
Tue, 11 Jul 2023 21:32:49 GMT
youtube.2bf5c710.svg
retreats.geneenroth.com/may-online/static/media/
505 B
296 B
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/youtube.2bf5c710.svg
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:32:49 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
0
etag
"1f9-5dd19cfa262c0-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 varnish-v4, 1.1 google
cache-control
max-age=31536000
x-varnish
71380532
accept-ranges
bytes, bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
272
expires
Tue, 11 Jul 2023 21:32:49 GMT
GR_flower_bullet.png
geneenroth.com/wp-content/uploads/2019/09/
2 KB
2 KB
Image
General
Full URL
https://geneenroth.com/wp-content/uploads/2019/09/GR_flower_bullet.png
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
ded99914bc3e4572830da862e884e519d3f305c0e8e8f1299a1cc19c76ab63a0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:22:43 GMT
via
1.1 varnish-v4, 1.1 google
last-modified
Fri, 13 Sep 2019 01:02:32 GMT
server
Apache/2.4.38 (Debian)
age
606
etag
"636-59264cf14e4a4"
content-type
image/png
cache-control
max-age=31536000
x-varnish
68418536 71380438
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1590
expires
Tue, 11 Jul 2023 21:22:43 GMT
EarthRise-Hills.a36b3d5e.jpg
retreats.geneenroth.com/may-online/static/media/
760 KB
760 KB
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/EarthRise-Hills.a36b3d5e.jpg
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
3600260d9cc9af485126dee28c6051551d01938a5a7cf1ac2e40f1bea2ee0a20

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:32:49 GMT
via
1.1 varnish-v4, 1.1 google
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
0
etag
"bde52-5dd19cfa262c0"
content-type
image/jpeg
cache-control
max-age=31536000
x-varnish
68107278 68107279
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
777810
expires
Tue, 11 Jul 2023 21:32:49 GMT
EarthRise-Vista2.f30b130f.jpg
retreats.geneenroth.com/may-online/static/media/
138 KB
138 KB
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/EarthRise-Vista2.f30b130f.jpg
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
9f588e8662aba5d7df2e452eb824dd80cd26051f1546882eaa1a569386e30cce

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:32:49 GMT
via
1.1 varnish-v4, 1.1 google
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
0
etag
"2271b-5dd19cfa262c0"
content-type
image/jpeg
cache-control
max-age=31536000
x-varnish
71769403
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141083
expires
Tue, 11 Jul 2023 21:32:49 GMT
GeneenGroup5.362784e1.jpg
retreats.geneenroth.com/may-online/static/media/
50 KB
50 KB
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/GeneenGroup5.362784e1.jpg
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
9ccf58fe576ce275f91dcd2c2229773c824abc45825ab551929fc2bdd369f451

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:32:49 GMT
via
1.1 varnish-v4, 1.1 google
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
0
etag
"c7f9-5dd19cfa262c0"
content-type
image/jpeg
cache-control
max-age=31536000
x-varnish
68107281
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51193
expires
Tue, 11 Jul 2023 21:32:49 GMT
nightSky.16cfed57.jpg
retreats.geneenroth.com/may-online/static/media/
128 KB
128 KB
Image
General
Full URL
https://retreats.geneenroth.com/may-online/static/media/nightSky.16cfed57.jpg
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
c2f93529a75a0fefeb9ca64637f38a9a8fdcf6c64caf3b4284a0f7b9fd914165

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 21:32:49 GMT
via
1.1 varnish-v4, 1.1 google
last-modified
Wed, 20 Apr 2022 18:03:31 GMT
server
Apache/2.4.38 (Debian)
age
0
etag
"20067-5dd19cfa262c0"
content-type
image/jpeg
cache-control
max-age=31536000
x-varnish
71769406
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131175
expires
Tue, 11 Jul 2023 21:32:49 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Caveat|Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://retreats.geneenroth.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:07:55 GMT
x-content-type-options
nosniff
age
8694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 19:07:55 GMT
WnznHAc5bAfYB2QRah7pcpNvOx-pjfJ9eIWpYQ.woff2
fonts.gstatic.com/s/caveat/v17/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/caveat/v17/WnznHAc5bAfYB2QRah7pcpNvOx-pjfJ9eIWpYQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Caveat|Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d048e18c5335f654acb5a76c853bd08f216312c5ca3153965c767499fc082ea9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://retreats.geneenroth.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 08 Jul 2022 16:31:09 GMT
x-content-type-options
nosniff
age
277300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47832
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 19:31:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Jul 2023 16:31:09 GMT
139859560267687
connect.facebook.net/signals/config/
291 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/139859560267687?v=2.9.64&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e1d411ab1d4ce1f8367d8e0a1d0507820b2a0a12c1eaaae6ad76edfd4d96e219
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
V2w/kXNaxRgp7zNSOncoIGT089SCs/Tmwq33+5Hger8HlObReWUN3eRdfyjw/bb6HY0UQz9SgvaXIIV7veWc2g==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 11 Jul 2022 21:32:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1657575169818
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
Geneen%20Roth%20-%20Final%20Cut.mp4
aa0221779a48f78a9ad4-e74d0921b9d54a102fe371691c69d367.ssl.cf2.rackcdn.com/promo/
16 MB
0
Media
General
Full URL
https://aa0221779a48f78a9ad4-e74d0921b9d54a102fe371691c69d367.ssl.cf2.rackcdn.com/promo/Geneen%20Roth%20-%20Final%20Cut.mp4
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://retreats.geneenroth.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 11 Jul 2022 21:32:49 GMT
Origin
https://mycloud.rackspace.com
Last-Modified
Fri, 30 Oct 2020 19:43:16 GMT
X-Trans-Id
tx1e3268eb05364cf093848-0062c605bbord1
ETag
ace30d306e0b08d3243a24f84960e12a
Content-Type
video/mp4
Content-Range
bytes 0-404771463/404771464
X-Timestamp
1604086995.04496
Cache-Control
public, max-age=107777
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
404771464
Expires
Wed, 13 Jul 2022 03:29:06 GMT
testimonials-clip1-v5d_2000Kbps_720p.mp4
geneenroth.com/wp-content/uploads/2019/09/
4 MB
0
Media
General
Full URL
https://geneenroth.com/wp-content/uploads/2019/09/testimonials-clip1-v5d_2000Kbps_720p.mp4
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.83.183 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.83.190.35.bc.googleusercontent.com
Software
Apache/2.4.38 (Debian) /
Resource Hash

Request headers

Referer
https://retreats.geneenroth.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 11 Jul 2022 21:32:49 GMT
via
1.1 varnish-v4, 1.1 google
last-modified
Fri, 13 Sep 2019 23:10:56 GMT
server
Apache/2.4.38 (Debian)
age
0
etag
"253581e-592775dd2251d"
content-type
video/mp4
Content-Range
bytes 0-39016477/39016478
cache-control
max-age=31536000
x-varnish
73309695
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
39016478
expires
Tue, 11 Jul 2023 21:32:49 GMT
truncated
/
6 KB
6 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82f00f228a613ff3054a0631923c5e6c839ae94c0907d2c30f6d135b12136a99

Request headers

Referer
Origin
https://retreats.geneenroth.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
application/font-woff
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1367749-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://retreats.geneenroth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1612
date
Mon, 11 Jul 2022 21:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 11 Jul 2022 23:05:57 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1773438942&t=pageview&_s=1&dl=https%3A%2F%2Fretreats.geneenroth.com%2Fmay-online%2F%3Futm_source%3DMailingList%26utm_medium%3Demail%26utm_campaign%3DOn%2BMonday%2BMorning%2B-%2BJune%2B27&ul=en-us&de=UTF-8&dt=Geneen%20Roth%20Retreats%20%7C%20Geneen%20Roth%20Retreats%20site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1121079097&gjid=1671048081&cid=1029381364.1657575170&tid=UA-1367749-1&_gid=1001623521.1657575170&_r=1&gtm=2ou760&z=1863498318
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://retreats.geneenroth.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 21:32:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://retreats.geneenroth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
444 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1367749-1&cid=1029381364.1657575170&jid=1121079097&gjid=1671048081&_gid=1001623521.1657575170&_u=YEBAAUAAAAAAAC~&z=812538658
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://retreats.geneenroth.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 11 Jul 2022 21:32:50 GMT
content-type
text/plain
access-control-allow-origin
https://retreats.geneenroth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
m-outer-6262077c14f753400d607dc30e70f1af.html
js.stripe.com/v3/ Frame 93CB
240 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-91.fra2.r.cloudfront.net
Software
Cloudfront /
Resource Hash
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://retreats.geneenroth.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3473
cache-control
max-age=31536000
content-length
240
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 11 Jul 2022 20:35:08 GMT
etag
"6262077c14f753400d607dc30e70f1af"
last-modified
Thu, 07 Jul 2022 23:23:31 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
x-amz-cf-id
KTgElP9MHDoed1FZcpwQa5s-_20u9JTRulI08mgaIUoeQDFK0tDnIg==
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 93CB
0
571 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 11 Jul 2022 21:32:50 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 93CB
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 11 Jul 2022 21:32:50 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js
js.stripe.com/v3/fingerprinted/js/ Frame 93CB
1 KB
1 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-91.fra2.r.cloudfront.net
Software
Cloudfront /
Resource Hash
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
23
x-cache
Hit from cloudfront
date
Mon, 11 Jul 2022 21:32:27 GMT
via
1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 18:43:57 GMT
server
Cloudfront
etag
W/"77711798ecf99b8bb8207cf88a10d73c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
x-amz-cf-id
qp_CgYHYnMJsLUWgkJu_ZN4yrd74bKHz-WTPIdBPgXhLXbKe6nvisA==
inner.html
m.stripe.network/ Frame F708
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
161
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 11 Jul 2022 21:30:18 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id
NJnnIpOdeF5eOuHP24dAI2VkpakLYhOYuXtOk2OrZDVHfkbUjK-XnQ==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame F708
0
345 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: retreats.geneenroth.com
URL: https://retreats.geneenroth.com/may-online/?utm_source=MailingList&utm_medium=email&utm_campaign=On+Monday+Morning+-+June+27
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Mon, 11 Jul 2022 21:32:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
19
x-robots-tag
none
content-length
0
x-content-type-options
nosniff
expires
0
out-4.5.42.js
m.stripe.network/ Frame F708
86 KB
16 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
age
38
date
Mon, 11 Jul 2022 21:32:16 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
hpG47AsLJsU-vPhotWZYCIkn9buBqEhAmMoLjHjvxSdInC8zEvBGxA==
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
6
m.stripe.com/ Frame F708
156 B
523 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.194.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-194-100.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b016e916f85f4eea070b2b3ce58aca52b54cc4205cc43c093c1fa6c5135e64d9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 11 Jul 2022 21:32:51 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| fbq function| _fbq function| gtag object| dataLayer object| webpackJsonpretreat number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __webpackStripeJSv3Jsonp function| Stripe object| gaplugins object| gaGlobal object| gaData

6 Cookies

Domain/Path Name / Value
.geneenroth.com/ Name: _ga
Value: GA1.2.1029381364.1657575170
.geneenroth.com/ Name: _gid
Value: GA1.2.1001623521.1657575170
.geneenroth.com/ Name: _gat_gtag_UA_1367749_1
Value: 1
m.stripe.com/ Name: m
Value: cc2c91a3-ae73-4497-8e30-bb6c498bb68f29399a
.retreats.geneenroth.com/ Name: __stripe_mid
Value: 35b0db28-6fa2-4664-87f4-14b588dd22961b27c1
.retreats.geneenroth.com/ Name: __stripe_sid
Value: 0184686a-5c41-4322-9387-16a548e0c0264f4cbd

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa0221779a48f78a9ad4-e74d0921b9d54a102fe371691c69d367.ssl.cf2.rackcdn.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
geneenroth.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
retreats.geneenroth.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
13.225.78.91
2001:4860:4802:32::178
23.35.236.144
2600:9000:20eb:f000:19:7d10:bd80:93a1
2a00:1450:4001:80f::2008
2a00:1450:4001:828::200a
2a00:1450:4001:830::2003
2a00:1450:400c:c07::9d
2a03:2880:f02d:100:face:b00c:0:3
35.190.83.183
52.34.194.100
54.186.23.98
0094deb7ca7739869bef8a9610047c07c5a60f33ca2fcfb0cc7398fe57cc1619
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
11e93c65b62304ea837d8acccfcd669da60f0fe696bfac91585a917e77cf57aa
1d80b2451e5415cb77121c5b8f345209e61340ea5a38ed07e3ee7fd37e6e597c
20b07c4d013f92a2a8889b009b38899ccce038df188f35b7ea7b25771b91423c
3600260d9cc9af485126dee28c6051551d01938a5a7cf1ac2e40f1bea2ee0a20
3bc61e9c7193f6c528299fff6398f66f774bc494782ccdeaa03c40c9828115eb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71d792919d56fb15fb080978d7bf3028b703a71d7b83849053c7945a2a0f9731
76b2a103a4feac2ee3aa1bf11ce12032a38d8fa566fb95a39bcac61204811c5c
7acc21fe896572fa247792427317aaa029503433879721212a2c8348ae872158
82f00f228a613ff3054a0631923c5e6c839ae94c0907d2c30f6d135b12136a99
8765f9dc0aa12a3e5e44641753e72da950d5c0d07c4262e9acbc61d39d12fda6
8f1cf13d1fbfbcb4b1831048137ba581a0bc71cfd349804da20ef651745b5415
922c0ee08e7aee61e6ea35d4116ee2b9644326386fc1a2c56006cb21b6b8c5aa
95c1e24fefcf26918b2941a528e584e24bec9f1368c5a9d05ca03247ffe5e761
96e194b10e24dc030925d3a7ac2922b19e391d83e8cf8fd5615de8ae6418f8b0
9ccf58fe576ce275f91dcd2c2229773c824abc45825ab551929fc2bdd369f451
9df28493d457c636d041d28c08fbcc03f252856d77001e58aa5556febd6eabde
9f588e8662aba5d7df2e452eb824dd80cd26051f1546882eaa1a569386e30cce
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a6ca91ea23ce771bfe6cf31f5b871b6fa1435ec3c4738e95fdcd2aed6f67d37b
b016e916f85f4eea070b2b3ce58aca52b54cc4205cc43c093c1fa6c5135e64d9
bb612124bc120b936f71545612ad190b16a1083970dc8fda34345e8ba13a059b
c0a48e2f11d2d1bf0d0377f6a22d6a4cd354520f4882b4ac191c6998866f0d04
c2f93529a75a0fefeb9ca64637f38a9a8fdcf6c64caf3b4284a0f7b9fd914165
d048e18c5335f654acb5a76c853bd08f216312c5ca3153965c767499fc082ea9
d1ba64aec711ed1b3df6422395c2e4aae7cfaa0cdd3b65146264138486dff514
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
d50a0967a2a5e986c8418545e93171bb22ffc54a40ab022dd36b30b1f40901ca
d5a537fd39fc2e4ea6bd0279900a80fc68b129ad9fedde699a16094547812ad0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded99914bc3e4572830da862e884e519d3f305c0e8e8f1299a1cc19c76ab63a0
e1d411ab1d4ce1f8367d8e0a1d0507820b2a0a12c1eaaae6ad76edfd4d96e219
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d0f88af123feee032438b6acc31fa70ab49c49eb4996d02c8ca2615c8bd70d
ec33129978c4774d0a2abcbf87cda3d95340c8fc131816f239460d6d539a0208
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f706b55d047b48cadabd4fd6c3ad48a413cd96eb257f9faa0625fbdf93ab3d01
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
fadfb5a34489c937bbf66d3b66ddb3e7debdd7e9a6b0ae6db35adcc62c82b453