cheevasomretreat.us Open in urlscan Pro
2606:4700:3034::6815:32c5  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response cheevasomretreat.us/	571 KB 109 KB	255ms 159ms	Document text/html	2606:4700:3034::6815:32c5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:32c5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d777ec43a5f40a3b283754ae59bbe392f4578131ae845d683c8f63e3dab3478 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control public, no-cache cf-cache-status DYNAMIC cf-ray 85b1e846cd856daa-MIA content-encoding br content-type text/html; charset=utf-8 date Sun, 25 Feb 2024 18:10:50 GMT last-modified Sat, 24 Feb 2024 00:50:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLYTZmZMQX%2BUA48EKdgGq8vSY0LxAbRb%2FmcyZZf5p6pIQFF3I0ngS6Tj8vexlt79HAtL6leyGNcNdWVi9%2F8I5LTBy3yCOwnKFG1XZ2dI7Q0zaCcyBvGsgZW7bSJ5epgOIQp3R3HHFZBEO5On6h0nOI17"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-render-cache RETURNCACHED x-ueni-region us1p
GET H2	200	style.json api.maptiler.com/maps/streets/	0 0	215ms 84ms	Stylesheet application/json	2606:4700::6811:5a57 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.maptiler.com/maps/streets/style.json?key=OnLW5fSzsfAkkYcTBW9y Requested by Host: cheevasomretreat.us URL: https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:5a57 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://cheevasomretreat.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers
GET H2	200	5cf660af-6763-4645-8c93-e2b5c8297e45.png speedy.uenicdn.com/91e35f36-fe63-484b-ac30-c87d830e367a/n300_140a/image/upload/v1707581473/business/	6 KB 6 KB	253ms 122ms	Image image/png	2606:4700:10::6816:366e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://speedy.uenicdn.com/91e35f36-fe63-484b-ac30-c87d830e367a/n300_140a/image/upload/v1707581473/business/5cf660af-6763-4645-8c93-e2b5c8297e45.png Requested by Host: cheevasomretreat.us URL: https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:366e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 941eb2e7ffcad90c9825522d7b795137b187e89723081ed066747a3102a8f67e Request headers accept-language en-US,en;q=0.9 Referer https://cheevasomretreat.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers x-77-pop miamiUSFL date Sun, 25 Feb 2024 18:10:50 GMT cf-cache-status MISS x-amz-request-id NR5FGGNRJAEK246H x-77-cache HIT x-cache MISS x-accel-date 1708842645 alt-svc h3=":443"; ma=86400 content-length 6095 x-amz-id-2 ZUm3Ycz+UAU+38QS+pcI7ei85OR922kirEPFx3fNhdan5cpJe4HQoF1mt7VW3zqMqi5ScZ8oYW0= x-77-nzt EggBWbutCgFBDAGckjvoAfcVpAAA x-77-age 42005 x-amz-expiration expiry-date="Fri, 22 Mar 2024 00:00:00 GMT", rule-id="purge_old_images" last-modified Sat, 10 Feb 2024 16:12:43 GMT server cloudflare etag "91ec3a6685ec4c6a22ebf521e2d65412" x-77-nzt-ray 596cea2e2dccae67aa82db65357f6417 vary Accept-Encoding content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 85b1e848a8e2335e-MIA
GET H2	200	1a437e99ad3c493293439810d0f2602d.jpg speedy.uenicdn.com/91e35f36-fe63-484b-ac30-c87d830e367a/c1920_800a/image/upload/v1707578606/business/	100 KB 100 KB	336ms 294ms	Image image/jpeg	2606:4700:10::6816:366e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://speedy.uenicdn.com/91e35f36-fe63-484b-ac30-c87d830e367a/c1920_800a/image/upload/v1707578606/business/1a437e99ad3c493293439810d0f2602d.jpg Requested by Host: cheevasomretreat.us URL: https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:366e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc1b88e79c0efb2fbf104b3cbb60eec539102e393c550aa3e1fc54a919dae273 Request headers accept-language en-US,en;q=0.9 Referer https://cheevasomretreat.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers x-77-pop miamiUSFL date Sun, 25 Feb 2024 18:10:50 GMT cf-cache-status MISS x-amz-request-id NR53K88NC97N3RN0 x-77-cache HIT x-cache MISS x-accel-date 1708842645 alt-svc h3=":443"; ma=86400 content-length 102331 x-amz-id-2 qW+Xmz9/B/pf6PhY2uvAAROXeC7SKT8wTl5Kt35sR6IJzTmAERJ02vXM+fKFBBK0NwtDgARzkRI= x-77-nzt EggBWbutCgFBDAGckjvoAfcVpAAA x-77-age 42005 x-amz-expiration expiry-date="Fri, 22 Mar 2024 00:00:00 GMT", rule-id="purge_old_images" last-modified Sat, 10 Feb 2024 16:03:18 GMT server cloudflare etag "3530213152be7471f5bba8f3442b4da1" x-77-nzt-ray 596cea2e64c24f74aa82db652404d815 vary Accept-Encoding content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes cf-ray 85b1e848a8e6335e-MIA
GET H2	200	f8114f29d93a4c9f984062ce8d48e04d.jpg speedy.uenicdn.com/91e35f36-fe63-484b-ac30-c87d830e367a/c620_400a/image/upload/v1707578586/business/	35 KB 36 KB	149ms 107ms	Image image/jpeg	2606:4700:10::6816:366e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://speedy.uenicdn.com/91e35f36-fe63-484b-ac30-c87d830e367a/c620_400a/image/upload/v1707578586/business/f8114f29d93a4c9f984062ce8d48e04d.jpg Requested by Host: cheevasomretreat.us URL: https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:366e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 203ea888efee464b8b65934f6caa1406b56de74c3637d501ad493f8271855113 Request headers accept-language en-US,en;q=0.9 Referer https://cheevasomretreat.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers x-77-pop miamiUSFL date Sun, 25 Feb 2024 18:10:50 GMT cf-cache-status MISS x-amz-request-id NR5C2SQJR32WGADQ x-77-cache HIT x-cache MISS x-accel-date 1708842645 alt-svc h3=":443"; ma=86400 content-length 36308 x-amz-id-2 heBz0h+OaR3XyfALr0KO8zVmm6JD0ALFIqE5GQ2/m4HEQISyEWAcTKMKMdtLkQ1JY67HiZQY4HI= x-77-nzt EggBWbutCgFBDAGckjviAfcVpAAA x-77-age 42005 x-amz-expiration expiry-date="Fri, 22 Mar 2024 00:00:00 GMT", rule-id="purge_old_images" last-modified Sat, 10 Feb 2024 16:05:11 GMT server cloudflare etag "626f192b4a06e0ede11f701c72b992c4" x-77-nzt-ray 596cea2eafb95174aa82db65a60ee115 vary Accept-Encoding content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes cf-ray 85b1e848a8e9335e-MIA
GET H2	200	natural.acf00c8a78b8f43cec44f4d19b838a14081e3d02.js Show response s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/js/	4 MB 1 MB	187ms 56ms	Script application/javascript	2606:4700:10::ac43:1dd2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/js/natural.acf00c8a78b8f43cec44f4d19b838a14081e3d02.js Requested by Host: cheevasomretreat.us URL: https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1dd2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 942c4ff867fef78f05d7cafffdf2f0b7d3d7dabe1c25dea44637758de41ccd0c Request headers accept-language en-US,en;q=0.9 Referer https://cheevasomretreat.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers x-77-pop miamiUSFL date Sun, 25 Feb 2024 18:10:50 GMT content-encoding br cf-cache-status HIT age 885801 cf-polished origSize=4588448 x-amz-server-side-encryption AES256 x-77-cache HIT x-cache MISS x-accel-date 1707985657 alt-svc h3=":443"; ma=86400 x-77-nzt EggBWbutCgFBDAGckjvoAfefMgAA x-77-age 12959 cf-bgj minify last-modified Thu, 15 Feb 2024 08:21:05 GMT server cloudflare etag W/"ad91ee35e2e01fbd1883f0cf5f7596e1" x-77-nzt-ray 596cea2e598d32aa98fdcd65d38dd32f vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 cf-ray 85b1e848ab004c07-MIA access-control-allow-headers X-Requested-With expires Fri, 14 Feb 2025 08:27:37 GMT
GET H2	200	8vIJ7ww63mVu7gt7-GT7PkRXM8Xx.woff2 s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/cinzel/	13 KB 14 KB	184ms 54ms	Font font/woff2	2606:4700:10::ac43:1dd2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/cinzel/8vIJ7ww63mVu7gt7-GT7PkRXM8Xx.woff2 Requested by Host: cheevasomretreat.us URL: https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1dd2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4472704c959cc16491598c23e505bc4bb953cbd03a0759bcd608af92f1f61ec Request headers Referer https://cheevasomretreat.us/ Origin https://cheevasomretreat.us accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers x-77-pop miamiUSFL date Sun, 25 Feb 2024 18:10:50 GMT cf-cache-status MISS x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 871161 x-accel-date 1708013489 alt-svc h3=":443"; ma=86400 content-length 13728 x-77-nzt EgwBWbutCgH3+UoNAAwBnJI76AH3xmoAAA x-77-age 898495 last-modified Thu, 15 Feb 2024 08:21:15 GMT server cloudflare etag "176fe66ccae64deb78e774cb8172d6c8" x-77-nzt-ray 596cea2e6bce3c74aa82db65d27eb215 vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 85b1e848aeb631e0-MIA access-control-allow-headers X-Requested-With expires Fri, 14 Feb 2025 08:35:55 GMT
GET H2	200	8vIJ7ww63mVu7gt79mT7PkRXMw.woff2 s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/cinzel/	24 KB 25 KB	247ms 117ms	Font font/woff2	2606:4700:10::ac43:1dd2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/cinzel/8vIJ7ww63mVu7gt79mT7PkRXMw.woff2 Requested by Host: cheevasomretreat.us URL: https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1dd2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 01248c0c4b971b215e14249e2a1137f1d31a8482d930e414b41319101de171e9 Request headers Referer https://cheevasomretreat.us/ Origin https://cheevasomretreat.us accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers x-77-pop miamiUSFL date Sun, 25 Feb 2024 18:10:50 GMT cf-cache-status MISS x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 865263 x-accel-date 1708019387 alt-svc h3=":443"; ma=86400 content-length 24944 x-77-nzt EgwBWbutCgH37zMNAAwBnJI73wH30IEAAA x-77-age 898495 last-modified Thu, 15 Feb 2024 08:21:15 GMT server cloudflare etag "543259f65bd9f16f6380b459c6615548" x-77-nzt-ray 596cea2e3db33874aa82db6501b4aa15 vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 85b1e848aebc31e0-MIA access-control-allow-headers X-Requested-With expires Fri, 14 Feb 2025 08:35:55 GMT
GET H2	200	0QIvMX1D_JOuMwf7I_FMl_GW8g.woff2 s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/	22 KB 22 KB	253ms 123ms	Font font/woff2	2606:4700:10::ac43:1dd2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/0QIvMX1D_JOuMwf7I_FMl_GW8g.woff2 Requested by Host: cheevasomretreat.us URL: https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1dd2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 90de592c6489c955f568d6e8e9c95078b7f48e0d02a5c4ab69dbe8a1399a7a21 Request headers Referer https://cheevasomretreat.us/ Origin https://cheevasomretreat.us accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers x-77-pop miamiUSFL date Sun, 25 Feb 2024 18:10:50 GMT cf-cache-status MISS x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 882870 x-accel-date 1708001780 alt-svc h3=":443"; ma=86400 content-length 22616 x-77-nzt EgwBWbutCgH3tngNAAwBuTvfFAH3ZjwAAA x-77-age 898332 last-modified Thu, 15 Feb 2024 08:21:24 GMT server cloudflare etag "666208d1c4e4f2ae5afd978406688e3c" x-77-nzt-ray 596cea2e5cb53574aa82db65b77d9e15 vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 85b1e848aebb31e0-MIA access-control-allow-headers X-Requested-With expires Fri, 14 Feb 2025 08:38:38 GMT
GET H2	200	0QIvMX1D_JOuMw77I_FMl_GW8g.woff2 s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/	20 KB 20 KB	202ms 72ms	Font font/woff2	2606:4700:10::ac43:1dd2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/0QIvMX1D_JOuMw77I_FMl_GW8g.woff2 Requested by Host: cheevasomretreat.us URL: https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1dd2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b44e5b9fee146d0ce2c344cd59ded262f33d25f28e0c842e33d6502d97f9a94 Request headers Referer https://cheevasomretreat.us/ Origin https://cheevasomretreat.us accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers x-77-pop miamiUSFL date Sun, 25 Feb 2024 18:10:50 GMT cf-cache-status MISS x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 884850 x-accel-date 1707999800 alt-svc h3=":443"; ma=86400 content-length 20432 x-77-nzt EgwBWbutCgHXcoANAAwBnJI74gH3eTUAAA x-77-age 898539 last-modified Thu, 15 Feb 2024 08:21:24 GMT server cloudflare etag "0220220e141268c4d8471991cd99edf0" x-77-nzt-ray 596cea2e4bb23074aa82db6540e7c916 vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 85b1e848aeba31e0-MIA access-control-allow-headers X-Requested-With expires Fri, 14 Feb 2025 08:35:10 GMT
GET H2	200	0QIvMX1D_JOuMwX7I_FMl_GW8g.woff2 s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/	7 KB 7 KB	206ms 77ms	Font font/woff2	2606:4700:10::ac43:1dd2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/0QIvMX1D_JOuMwX7I_FMl_GW8g.woff2 Requested by Host: cheevasomretreat.us URL: https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1dd2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccabc1cba053baf8373665502b1aa1b0829558e09d896bed1444c96f44c86423 Request headers Referer https://cheevasomretreat.us/ Origin https://cheevasomretreat.us accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers x-77-pop miamiUSFL date Sun, 25 Feb 2024 18:10:50 GMT cf-cache-status MISS x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 885916 x-accel-date 1707998734 alt-svc h3=":443"; ma=86400 content-length 7196 x-77-nzt EgwBWbutCgHXnIQNAAwBnJI73wH3gDAAAA x-77-age 898332 last-modified Thu, 15 Feb 2024 08:21:24 GMT server cloudflare etag "2c1141394ce5e67222cc94495ccf1d00" x-77-nzt-ray 596cea2e97c43174aa82db65dfc8b015 vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 85b1e848aeb831e0-MIA access-control-allow-headers X-Requested-With expires Fri, 14 Feb 2025 08:38:38 GMT
GET H2	200	0QIvMX1D_JOuMwT7I_FMl_GW8g.woff2 s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/	16 KB 16 KB	291ms 162ms	Font font/woff2	2606:4700:10::ac43:1dd2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/0QIvMX1D_JOuMwT7I_FMl_GW8g.woff2 Requested by Host: cheevasomretreat.us URL: https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1dd2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 728922b2759d016d2777aea778220c1686279d612918f77523a221e0f9d5da48 Request headers Referer https://cheevasomretreat.us/ Origin https://cheevasomretreat.us accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers x-77-pop miamiUSFL date Sun, 25 Feb 2024 18:10:50 GMT cf-cache-status MISS x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 885916 x-accel-date 1707998734 alt-svc h3=":443"; ma=86400 content-length 16392 x-77-nzt EgwBWbutCgHXnIQNAAwBnJI74gH3IzEAAA x-77-age 898495 last-modified Thu, 15 Feb 2024 08:21:24 GMT server cloudflare etag "9983cadfa3e5db29250d64cf8f481d04" x-77-nzt-ray 596cea2e96c6334eaa82db6590e27f15 vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 85b1e848aebe31e0-MIA access-control-allow-headers X-Requested-With expires Fri, 14 Feb 2025 08:35:55 GMT
GET H2	200	0QIvMX1D_JOuMwr7I_FMl_E.woff2 s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/	35 KB 35 KB	1622ms 1493ms	Font font/woff2	2606:4700:10::ac43:1dd2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/0QIvMX1D_JOuMwr7I_FMl_E.woff2 Requested by Host: cheevasomretreat.us URL: https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1dd2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d70cd722981668fc5cc2087c373af7a3784c29f9bf39d21aadacf3589c93ec49 Request headers Referer https://cheevasomretreat.us/ Origin https://cheevasomretreat.us accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers x-77-pop miamiUSFL date Sun, 25 Feb 2024 18:10:51 GMT cf-cache-status MISS x-amz-server-side-encryption AES256 x-77-cache HIT x-cache HIT x-age 885173 x-accel-date 1707999478 alt-svc h3=":443"; ma=86400 content-length 35364 x-77-nzt EgwBWbutCgHXtYENAAwBuTvfFAH3aDMAAA x-77-age 898333 last-modified Thu, 15 Feb 2024 08:21:25 GMT server cloudflare etag "2a6336437a14575ba0b5ee6c14a601ae" x-77-nzt-ray 596cea2e94b3574eab82db65071a3c2f vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 85b1e848aeb731e0-MIA access-control-allow-headers X-Requested-With expires Fri, 14 Feb 2025 08:38:38 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	270 KB 92 KB	255ms 106ms	Script application/javascript	2607:f8b0:4006:820::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TG56DMZ Requested by Host: cheevasomretreat.us URL: https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b5d81794dc83aa7bcac0218b3c00b5bdf5478741136a31e47eae3dad3022ed21 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cheevasomretreat.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 18:10:50 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 94220 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 25 Feb 2024 18:10:50 GMT
GET H2	200	platform.js Show response static.elfsight.com/platform/	48 KB 17 KB	132ms 50ms	Script application/javascript	2606:4700:10::6816:455f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.elfsight.com/platform/platform.js Requested by Host: cheevasomretreat.us URL: https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:455f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb7a4c81cad32e268d69dab0797be43a729e94bf17884e2c33f5a4de1f4823c1 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-US,en;q=0.9 Referer https://cheevasomretreat.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 18:10:50 GMT strict-transport-security max-age=0 content-encoding gzip cf-cache-status HIT x-amz-request-id tx000002944742c753d07fd-0065cb64c7-53bcfc37-sfo2a age 18 x-envoy-upstream-healthchecked-cluster alt-svc h3=":443"; ma=86400 last-modified Tue, 13 Feb 2024 12:43:55 GMT server cloudflare etag W/"ea938560ae1a20790bf6327458b05878" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type application/javascript x-do-cdn-uuid e32c40dc-02c3-4408-a6ec-51bfedff6dd9 x-rgw-object-type Normal cache-control max-age=3600 cf-ray 85b1e848eec3336d-MIA
GET H2	200	email-decode.min.js Show response cheevasomretreat.us/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	40ms 39ms	Script application/javascript	2606:4700:3034::6815:32c5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cheevasomretreat.us/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: cheevasomretreat.us URL: https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:32c5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-US,en;q=0.9 Referer https://cheevasomretreat.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 18:10:50 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 16 Feb 2024 14:40:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65cf73c3-4d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCgCab870K%2B8xzjrGLnSeWh6jgE%2FJ0VZN%2Bw9SzeVZ9MGmzhUMEMtT2iFO34YudXncpdHQOAuroEMphKy%2BQu5TI95QjIyTvgVurOuxlqTXq88uAhC9aXlVh0NtWhD9ebyykvvm45RKRg03HjcihuqTnvm"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 85b1e8488f156daa-MIA expires Tue, 27 Feb 2024 18:10:50 GMT
GET H2	200	5d568f5a042e40819d59e84305547877.jpg our.uenicdn.com/image/upload/v1707582764/business/	75 KB 76 KB	134ms 102ms	Image image/jpeg	2606:4700:10::ac43:1dd2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://our.uenicdn.com/image/upload/v1707582764/business/5d568f5a042e40819d59e84305547877.jpg Requested by Host: cheevasomretreat.us URL: https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1dd2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 089b352c4a2cefca7a9a3fa71e7226a3aa91e05e63b30728ae7aa5bd189ad542 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://cheevasomretreat.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers x-77-pop miamiUSFL date Sun, 25 Feb 2024 18:10:50 GMT strict-transport-security max-age=604800 x-content-type-options nosniff cf-cache-status MISS x-77-cache HIT x-cache MISS server-timing cld-akam;mitm=cio;dur=19;start=2024-02-25T06:30:45.900Z;desc=hit,rtt;dur=18,content-info;desc="width=1000,height=650,bytes=77223,o=1,ef=(17)" x-accel-date 1708842645 alt-svc h3=":443"; ma=86400 content-length 77223 x-77-nzt EggBWbutCgFBDAG5O98UAfcVpAAA x-77-age 42005 last-modified Sat, 10 Feb 2024 16:32:45 GMT server cloudflare etag "b4e44381ea2b036412246377ee147dbd" x-77-nzt-ray 596cea2e26b6df75aa82db65dc9c631c vary Accept-Encoding content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options cache-control public, max-age=31536000, no-transform, immutable accept-ranges bytes timing-allow-origin * cf-ray 85b1e8495bb84c07-MIA
GET DATA	200 OK	truncated /	38 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9 Request headers accept-language en-US,en;q=0.9 Referer https://cheevasomretreat.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	15166b9e0f1f4de4b697d3d6cd18b48b.jpg speedy.uenicdn.com/91e35f36-fe63-484b-ac30-c87d830e367a/c620_400a/image/upload/v1707578586/business/	26 KB 26 KB	552ms 470ms	Image image/jpeg	2606:4700:10::6816:366e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://speedy.uenicdn.com/91e35f36-fe63-484b-ac30-c87d830e367a/c620_400a/image/upload/v1707578586/business/15166b9e0f1f4de4b697d3d6cd18b48b.jpg Requested by Host: cheevasomretreat.us URL: https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:366e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 01f29fece58e9aa0a473a5a6d697c82802b1978f648033518d2ba415d21532ba Request headers accept-language en-US,en;q=0.9 Referer https://cheevasomretreat.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers x-77-pop miamiUSFL date Sun, 25 Feb 2024 18:10:52 GMT cf-cache-status MISS x-amz-request-id V2MGBN28S76Y6YR5 x-77-cache MISS x-cache MISS alt-svc h3=":443"; ma=86400 content-length 26798 x-amz-id-2 RjiDT3z4XOAC2Sl/iYUa+hGIizS3RpgRBdayoa1o9L8y8lYJ2EEueUdk4uCWtYgbuQA4SvGW1Cc= x-77-nzt EggBWbutCgFBCAGckjviAYE x-amz-expiration expiry-date="Fri, 22 Mar 2024 00:00:00 GMT", rule-id="purge_old_images" last-modified Sat, 10 Feb 2024 16:05:37 GMT server cloudflare etag "60eb693aeb2794941a4c55dedf255ce9" x-77-nzt-ray 596cea2e89cc638bab82db6509ab0d38 vary Accept-Encoding content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes cf-ray 85b1e8527eaa335e-MIA
GET H2	200	js Show response www.googletagmanager.com/gtag/	223 KB 79 KB	167ms 84ms	Script application/javascript	2607:f8b0:4006:820::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-3TDFK2EWVH&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG56DMZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash dc7f0a546a345b23808f5e18628fc3890dd0f801e19721551dd0f2e33b12bdd6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cheevasomretreat.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 18:10:52 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 81074 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 25 Feb 2024 18:10:52 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	298ms 77ms	Script text/javascript	2607:f8b0:4006:821::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG56DMZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://cheevasomretreat.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 25 Feb 2024 17:51:42 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 1150 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sun, 25 Feb 2024 19:51:42 GMT
POST H2	204	collect www.google-analytics.com/g/	0 173 B	107ms 105ms	Ping text/plain	2607:f8b0:4006:821::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-3TDFK2EWVH&gtm=45je42l0v9134332577z8839751687za200&_p=1708884650247&gcd=13l3l3l3l1&npa=0&dma=0&cid=1933463193.1708884652&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708884652&sct=1&seg=0&dl=https%3A%2F%2Fcheevasomretreat.us%2F&dt=Cheeva%20Som%20Retreat%20-%20Spa%20in%20Houston&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2314 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-3TDFK2EWVH&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://cheevasomretreat.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers pragma no-cache date Sun, 25 Feb 2024 18:10:52 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cheevasomretreat.us cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 94 B	83ms 82ms	XHR text/plain	2607:f8b0:4006:821::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=567233909&t=pageview&_s=1&dl=https%3A%2F%2Fcheevasomretreat.us%2F&ul=en-us&de=UTF-8&dt=Cheeva%20Som%20Retreat%20-%20Spa%20in%20Houston&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1703000919&gjid=1124850446&cid=1933463193.1708884652&tid=UA-91212729-13&_gid=1754955438.1708884652&_r=1&_slc=1&gtm=45He42l0n81TG56DMZv839751687za220&cd1=cheeva-som-retreat&cd20=email&gcd=13l3l3l3l1&dma=0&z=516238867 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://cheevasomretreat.us/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 25 Feb 2024 18:10:52 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cheevasomretreat.us cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	2 B 349 B	233ms 65ms	XHR text/plain	2607:f8b0:4004:c07::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-91212729-13&cid=1933463193.1708884652&jid=1703000919&gjid=1124850446&_gid=1754955438.1708884652&_u=YCDACEAABAAAACAAI~&z=388412259 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://cheevasomretreat.us/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sun, 25 Feb 2024 18:10:52 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cheevasomretreat.us cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	224ms 86ms	Image image/gif	2607:f8b0:4006:820::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-91212729-13&cid=1933463193.1708884652&jid=1703000919&_u=YCDACEAABAAAACAAI~&z=885892289 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cheevasomretreat.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers pragma no-cache date Sun, 25 Feb 2024 18:10:52 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	214 KB 58 KB	2466ms 63ms	Script application/x-javascript	31.13.71.7
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: cheevasomretreat.us URL: https://cheevasomretreat.us/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.71.7 -, , ASN (), Reverse DNS Software / Resource Hash 0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cheevasomretreat.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers permissions-policy-report-only clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy" content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 25 Feb 2024 18:10:57 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57257 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" pragma public x-fb-debug Ff6nBrnkmw0kqDSzQwem8nrSJB7uo6PRZDtchYKOjbHbCUnn91ZK2fuDSsXo8aX30bZeOrv3ae9AerNc46TNDw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	992364281277376 Show response connect.facebook.net/signals/config/	66 KB 16 KB	968ms 967ms	Script application/x-javascript	31.13.71.7
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/992364281277376?v=2.9.147&r=stable&domain=cheevasomretreat.us&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.71.7 -, , ASN (), Reverse DNS Software / Resource Hash 12973f36403bff628bbe02b3daaa46d667624bb448f9d412cafab81b77f7e1c6 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cheevasomretreat.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers permissions-policy-report-only clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy" content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 25 Feb 2024 18:10:58 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" pragma public x-fb-debug naSPJ9ckRbQwGBiUFaiBSQiXrRY0kx1NRvGb04ydhS8hei3nY1FaKr43VkBCdHSuCACX+twwFrhUTzLFlLEu3A== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	199ms 65ms	Image text/plain	2a03:2880:f112:83:face:b00c:0:25de
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=992364281277376&ev=PageView&dl=https%3A%2F%2Fcheevasomretreat.us&rl=&if=false&ts=1708884659395&sw=1600&sh=1200&v=2.9.147&r=stable&a=PLUENI&ec=0&o=4124&fbp=fb.1.1708884659391.756689940&cs_est=true&pm=1&hrl=0ac7c3&ler=empty&cdl=API_unavailable&it=1708884658058&coo=false&cs_cc=1&exp=e1&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de -, , ASN (), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://cheevasomretreat.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sun, 25 Feb 2024 18:10:59 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| __PRELOAD_DATA__ object| __PRELOAD_TRANSLATIONS__ string| __PRELOAD_LOCALE__ object| __PRELOAD_APP_CONTEXT__ number| __mobxInstanceCount object| __mobxGlobals function| _ number| 2f1acc6c3a606b082e5eef5e54414ffb object| __SENTRY__ object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| ueni object| _scrollContext object| google_tag_manager object| google_tag_data object| eapps string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData function| fbq function| _fbq

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cheevasomretreat.us/	1970-01-20 20:51:00	Name: _gcl_au Value: 1.1.1403690759.1708884652
			.cheevasomretreat.us/	1970-01-21 04:17:24	Name: _ga_3TDFK2EWVH Value: GS1.1.1708884652.1.0.1708884652.0.0.0
			.cheevasomretreat.us/	1970-01-21 04:17:24	Name: _ga Value: GA1.2.1933463193.1708884652
			.cheevasomretreat.us/	1970-01-20 18:42:51	Name: _gid Value: GA1.2.1754955438.1708884652
			.cheevasomretreat.us/	1970-01-20 18:41:24	Name: _gat_UA-91212729-13 Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cheevasomretreat.us/ Message: The resource https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/0QIvMX1D_JOuMw77I_FMl_GW8g.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://cheevasomretreat.us/ Message: The resource https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/0QIvMX1D_JOuMwf7I_FMl_GW8g.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://cheevasomretreat.us/ Message: The resource https://api.maptiler.com/maps/streets/style.json?key=OnLW5fSzsfAkkYcTBW9y was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
other	warning	URL: https://connect.facebook.net/signals/config/992364281277376?v=2.9.147&r=stable&domain=cheevasomretreat.us&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 97) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.maptiler.com
cheevasomretreat.us
connect.facebook.net
our.uenicdn.com
s.uenicdn.com
speedy.uenicdn.com
static.elfsight.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
2606:4700:10::6816:366e
2606:4700:10::6816:455f
2606:4700:10::ac43:1dd2
2606:4700:3034::6815:32c5
2606:4700::6811:5a57
2607:f8b0:4004:c07::9d
2607:f8b0:4006:820::2004
2607:f8b0:4006:820::2008
2607:f8b0:4006:821::200e
2a03:2880:f112:83:face:b00c:0:25de
31.13.71.7
01248c0c4b971b215e14249e2a1137f1d31a8482d930e414b41319101de171e9
01f29fece58e9aa0a473a5a6d697c82802b1978f648033518d2ba415d21532ba
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
089b352c4a2cefca7a9a3fa71e7226a3aa91e05e63b30728ae7aa5bd189ad542
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
12973f36403bff628bbe02b3daaa46d667624bb448f9d412cafab81b77f7e1c6
1d777ec43a5f40a3b283754ae59bbe392f4578131ae845d683c8f63e3dab3478
203ea888efee464b8b65934f6caa1406b56de74c3637d501ad493f8271855113
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3b44e5b9fee146d0ce2c344cd59ded262f33d25f28e0c842e33d6502d97f9a94
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
728922b2759d016d2777aea778220c1686279d612918f77523a221e0f9d5da48
90de592c6489c955f568d6e8e9c95078b7f48e0d02a5c4ab69dbe8a1399a7a21
941eb2e7ffcad90c9825522d7b795137b187e89723081ed066747a3102a8f67e
942c4ff867fef78f05d7cafffdf2f0b7d3d7dabe1c25dea44637758de41ccd0c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b4472704c959cc16491598c23e505bc4bb953cbd03a0759bcd608af92f1f61ec
b5d81794dc83aa7bcac0218b3c00b5bdf5478741136a31e47eae3dad3022ed21
ccabc1cba053baf8373665502b1aa1b0829558e09d896bed1444c96f44c86423
d70cd722981668fc5cc2087c373af7a3784c29f9bf39d21aadacf3589c93ec49
dc7f0a546a345b23808f5e18628fc3890dd0f801e19721551dd0f2e33b12bdd6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb7a4c81cad32e268d69dab0797be43a729e94bf17884e2c33f5a4de1f4823c1
fc1b88e79c0efb2fbf104b3cbb60eec539102e393c550aa3e1fc54a919dae273