URL: https://cheevasomretreat.us/
Submission: On February 25 via api from US — Scanned from US

Summary

This website contacted 12 IPs in 1 countries across 10 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3034::6815:32c5, located in United States and belongs to CLOUDFLARENET, US. The main domain is cheevasomretreat.us.
TLS certificate: Issued by GTS CA 1P5 on February 23rd 2024. Valid for: 3 months.
This is the only time cheevasomretreat.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
13 uenicdn.com
speedy.uenicdn.com — Cisco Umbrella Rank: 347865
s.uenicdn.com — Cisco Umbrella Rank: 310924
our.uenicdn.com
1 MB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
21 KB
2 facebook.net
connect.facebook.net
74 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
172 KB
2 cheevasomretreat.us
cheevasomretreat.us
110 KB
1 facebook.com
www.facebook.com
185 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 85
349 B
1 elfsight.com
static.elfsight.com — Cisco Umbrella Rank: 13783
17 KB
1 maptiler.com
api.maptiler.com — Cisco Umbrella Rank: 25502
27 10
Domain Requested by
8 s.uenicdn.com cheevasomretreat.us
4 speedy.uenicdn.com cheevasomretreat.us
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net cheevasomretreat.us
connect.facebook.net
2 www.googletagmanager.com cheevasomretreat.us
www.googletagmanager.com
2 cheevasomretreat.us cheevasomretreat.us
1 www.facebook.com
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 our.uenicdn.com cheevasomretreat.us
1 static.elfsight.com cheevasomretreat.us
1 api.maptiler.com cheevasomretreat.us
27 12
Subject Issuer Validity Valid
cheevasomretreat.us
GTS CA 1P5
2024-02-23 -
2024-05-23
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-10 -
2024-04-09
a year crt.sh
uenicdn.com
Cloudflare Inc ECC CA-3
2023-04-07 -
2024-04-06
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
static.elfsight.com
GTS CA 1P5
2024-01-28 -
2024-04-27
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
www.google.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-12-05 -
2024-03-04
3 months crt.sh

This page contains 1 frames:

Primary Page: https://cheevasomretreat.us/
Frame ID: 482A797E8E7CD53768E249D255AF923F
Requests: 28 HTTP requests in this frame

Screenshot

Page Title

Cheeva Som Retreat - Spa in Houston

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

27
Requests

100 %
HTTPS

91 %
IPv6

10
Domains

12
Subdomains

12
IPs

1
Countries

1817 kB
Transfer

6307 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cheevasomretreat.us/
571 KB
109 KB
Document
General
Full URL
https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:32c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d777ec43a5f40a3b283754ae59bbe392f4578131ae845d683c8f63e3dab3478

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, no-cache
cf-cache-status
DYNAMIC
cf-ray
85b1e846cd856daa-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 25 Feb 2024 18:10:50 GMT
last-modified
Sat, 24 Feb 2024 00:50:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLYTZmZMQX%2BUA48EKdgGq8vSY0LxAbRb%2FmcyZZf5p6pIQFF3I0ngS6Tj8vexlt79HAtL6leyGNcNdWVi9%2F8I5LTBy3yCOwnKFG1XZ2dI7Q0zaCcyBvGsgZW7bSJ5epgOIQp3R3HHFZBEO5On6h0nOI17"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-render-cache
RETURNCACHED
x-ueni-region
us1p
style.json
api.maptiler.com/maps/streets/
0
0
Stylesheet
General
Full URL
https://api.maptiler.com/maps/streets/style.json?key=OnLW5fSzsfAkkYcTBW9y
Requested by
Host: cheevasomretreat.us
URL: https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:5a57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cheevasomretreat.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

5cf660af-6763-4645-8c93-e2b5c8297e45.png
speedy.uenicdn.com/91e35f36-fe63-484b-ac30-c87d830e367a/n300_140a/image/upload/v1707581473/business/
6 KB
6 KB
Image
General
Full URL
https://speedy.uenicdn.com/91e35f36-fe63-484b-ac30-c87d830e367a/n300_140a/image/upload/v1707581473/business/5cf660af-6763-4645-8c93-e2b5c8297e45.png
Requested by
Host: cheevasomretreat.us
URL: https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:366e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
941eb2e7ffcad90c9825522d7b795137b187e89723081ed066747a3102a8f67e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cheevasomretreat.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-77-pop
miamiUSFL
date
Sun, 25 Feb 2024 18:10:50 GMT
cf-cache-status
MISS
x-amz-request-id
NR5FGGNRJAEK246H
x-77-cache
HIT
x-cache
MISS
x-accel-date
1708842645
alt-svc
h3=":443"; ma=86400
content-length
6095
x-amz-id-2
ZUm3Ycz+UAU+38QS+pcI7ei85OR922kirEPFx3fNhdan5cpJe4HQoF1mt7VW3zqMqi5ScZ8oYW0=
x-77-nzt
EggBWbutCgFBDAGckjvoAfcVpAAA
x-77-age
42005
x-amz-expiration
expiry-date="Fri, 22 Mar 2024 00:00:00 GMT", rule-id="purge_old_images"
last-modified
Sat, 10 Feb 2024 16:12:43 GMT
server
cloudflare
etag
"91ec3a6685ec4c6a22ebf521e2d65412"
x-77-nzt-ray
596cea2e2dccae67aa82db65357f6417
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
85b1e848a8e2335e-MIA
1a437e99ad3c493293439810d0f2602d.jpg
speedy.uenicdn.com/91e35f36-fe63-484b-ac30-c87d830e367a/c1920_800a/image/upload/v1707578606/business/
100 KB
100 KB
Image
General
Full URL
https://speedy.uenicdn.com/91e35f36-fe63-484b-ac30-c87d830e367a/c1920_800a/image/upload/v1707578606/business/1a437e99ad3c493293439810d0f2602d.jpg
Requested by
Host: cheevasomretreat.us
URL: https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:366e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc1b88e79c0efb2fbf104b3cbb60eec539102e393c550aa3e1fc54a919dae273

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cheevasomretreat.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-77-pop
miamiUSFL
date
Sun, 25 Feb 2024 18:10:50 GMT
cf-cache-status
MISS
x-amz-request-id
NR53K88NC97N3RN0
x-77-cache
HIT
x-cache
MISS
x-accel-date
1708842645
alt-svc
h3=":443"; ma=86400
content-length
102331
x-amz-id-2
qW+Xmz9/B/pf6PhY2uvAAROXeC7SKT8wTl5Kt35sR6IJzTmAERJ02vXM+fKFBBK0NwtDgARzkRI=
x-77-nzt
EggBWbutCgFBDAGckjvoAfcVpAAA
x-77-age
42005
x-amz-expiration
expiry-date="Fri, 22 Mar 2024 00:00:00 GMT", rule-id="purge_old_images"
last-modified
Sat, 10 Feb 2024 16:03:18 GMT
server
cloudflare
etag
"3530213152be7471f5bba8f3442b4da1"
x-77-nzt-ray
596cea2e64c24f74aa82db652404d815
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
85b1e848a8e6335e-MIA
f8114f29d93a4c9f984062ce8d48e04d.jpg
speedy.uenicdn.com/91e35f36-fe63-484b-ac30-c87d830e367a/c620_400a/image/upload/v1707578586/business/
35 KB
36 KB
Image
General
Full URL
https://speedy.uenicdn.com/91e35f36-fe63-484b-ac30-c87d830e367a/c620_400a/image/upload/v1707578586/business/f8114f29d93a4c9f984062ce8d48e04d.jpg
Requested by
Host: cheevasomretreat.us
URL: https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:366e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
203ea888efee464b8b65934f6caa1406b56de74c3637d501ad493f8271855113

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cheevasomretreat.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-77-pop
miamiUSFL
date
Sun, 25 Feb 2024 18:10:50 GMT
cf-cache-status
MISS
x-amz-request-id
NR5C2SQJR32WGADQ
x-77-cache
HIT
x-cache
MISS
x-accel-date
1708842645
alt-svc
h3=":443"; ma=86400
content-length
36308
x-amz-id-2
heBz0h+OaR3XyfALr0KO8zVmm6JD0ALFIqE5GQ2/m4HEQISyEWAcTKMKMdtLkQ1JY67HiZQY4HI=
x-77-nzt
EggBWbutCgFBDAGckjviAfcVpAAA
x-77-age
42005
x-amz-expiration
expiry-date="Fri, 22 Mar 2024 00:00:00 GMT", rule-id="purge_old_images"
last-modified
Sat, 10 Feb 2024 16:05:11 GMT
server
cloudflare
etag
"626f192b4a06e0ede11f701c72b992c4"
x-77-nzt-ray
596cea2eafb95174aa82db65a60ee115
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
85b1e848a8e9335e-MIA
natural.acf00c8a78b8f43cec44f4d19b838a14081e3d02.js
s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/js/
4 MB
1 MB
Script
General
Full URL
https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/js/natural.acf00c8a78b8f43cec44f4d19b838a14081e3d02.js
Requested by
Host: cheevasomretreat.us
URL: https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1dd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
942c4ff867fef78f05d7cafffdf2f0b7d3d7dabe1c25dea44637758de41ccd0c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cheevasomretreat.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-77-pop
miamiUSFL
date
Sun, 25 Feb 2024 18:10:50 GMT
content-encoding
br
cf-cache-status
HIT
age
885801
cf-polished
origSize=4588448
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
MISS
x-accel-date
1707985657
alt-svc
h3=":443"; ma=86400
x-77-nzt
EggBWbutCgFBDAGckjvoAfefMgAA
x-77-age
12959
cf-bgj
minify
last-modified
Thu, 15 Feb 2024 08:21:05 GMT
server
cloudflare
etag
W/"ad91ee35e2e01fbd1883f0cf5f7596e1"
x-77-nzt-ray
596cea2e598d32aa98fdcd65d38dd32f
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
85b1e848ab004c07-MIA
access-control-allow-headers
X-Requested-With
expires
Fri, 14 Feb 2025 08:27:37 GMT
8vIJ7ww63mVu7gt7-GT7PkRXM8Xx.woff2
s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/cinzel/
13 KB
14 KB
Font
General
Full URL
https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/cinzel/8vIJ7ww63mVu7gt7-GT7PkRXM8Xx.woff2
Requested by
Host: cheevasomretreat.us
URL: https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1dd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4472704c959cc16491598c23e505bc4bb953cbd03a0759bcd608af92f1f61ec

Request headers

Referer
https://cheevasomretreat.us/
Origin
https://cheevasomretreat.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-77-pop
miamiUSFL
date
Sun, 25 Feb 2024 18:10:50 GMT
cf-cache-status
MISS
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
871161
x-accel-date
1708013489
alt-svc
h3=":443"; ma=86400
content-length
13728
x-77-nzt
EgwBWbutCgH3+UoNAAwBnJI76AH3xmoAAA
x-77-age
898495
last-modified
Thu, 15 Feb 2024 08:21:15 GMT
server
cloudflare
etag
"176fe66ccae64deb78e774cb8172d6c8"
x-77-nzt-ray
596cea2e6bce3c74aa82db65d27eb215
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
85b1e848aeb631e0-MIA
access-control-allow-headers
X-Requested-With
expires
Fri, 14 Feb 2025 08:35:55 GMT
8vIJ7ww63mVu7gt79mT7PkRXMw.woff2
s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/cinzel/
24 KB
25 KB
Font
General
Full URL
https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/cinzel/8vIJ7ww63mVu7gt79mT7PkRXMw.woff2
Requested by
Host: cheevasomretreat.us
URL: https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1dd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01248c0c4b971b215e14249e2a1137f1d31a8482d930e414b41319101de171e9

Request headers

Referer
https://cheevasomretreat.us/
Origin
https://cheevasomretreat.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-77-pop
miamiUSFL
date
Sun, 25 Feb 2024 18:10:50 GMT
cf-cache-status
MISS
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
865263
x-accel-date
1708019387
alt-svc
h3=":443"; ma=86400
content-length
24944
x-77-nzt
EgwBWbutCgH37zMNAAwBnJI73wH30IEAAA
x-77-age
898495
last-modified
Thu, 15 Feb 2024 08:21:15 GMT
server
cloudflare
etag
"543259f65bd9f16f6380b459c6615548"
x-77-nzt-ray
596cea2e3db33874aa82db6501b4aa15
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
85b1e848aebc31e0-MIA
access-control-allow-headers
X-Requested-With
expires
Fri, 14 Feb 2025 08:35:55 GMT
0QIvMX1D_JOuMwf7I_FMl_GW8g.woff2
s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/
22 KB
22 KB
Font
General
Full URL
https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/0QIvMX1D_JOuMwf7I_FMl_GW8g.woff2
Requested by
Host: cheevasomretreat.us
URL: https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1dd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90de592c6489c955f568d6e8e9c95078b7f48e0d02a5c4ab69dbe8a1399a7a21

Request headers

Referer
https://cheevasomretreat.us/
Origin
https://cheevasomretreat.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-77-pop
miamiUSFL
date
Sun, 25 Feb 2024 18:10:50 GMT
cf-cache-status
MISS
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
882870
x-accel-date
1708001780
alt-svc
h3=":443"; ma=86400
content-length
22616
x-77-nzt
EgwBWbutCgH3tngNAAwBuTvfFAH3ZjwAAA
x-77-age
898332
last-modified
Thu, 15 Feb 2024 08:21:24 GMT
server
cloudflare
etag
"666208d1c4e4f2ae5afd978406688e3c"
x-77-nzt-ray
596cea2e5cb53574aa82db65b77d9e15
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
85b1e848aebb31e0-MIA
access-control-allow-headers
X-Requested-With
expires
Fri, 14 Feb 2025 08:38:38 GMT
0QIvMX1D_JOuMw77I_FMl_GW8g.woff2
s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/
20 KB
20 KB
Font
General
Full URL
https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/0QIvMX1D_JOuMw77I_FMl_GW8g.woff2
Requested by
Host: cheevasomretreat.us
URL: https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1dd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b44e5b9fee146d0ce2c344cd59ded262f33d25f28e0c842e33d6502d97f9a94

Request headers

Referer
https://cheevasomretreat.us/
Origin
https://cheevasomretreat.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-77-pop
miamiUSFL
date
Sun, 25 Feb 2024 18:10:50 GMT
cf-cache-status
MISS
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
884850
x-accel-date
1707999800
alt-svc
h3=":443"; ma=86400
content-length
20432
x-77-nzt
EgwBWbutCgHXcoANAAwBnJI74gH3eTUAAA
x-77-age
898539
last-modified
Thu, 15 Feb 2024 08:21:24 GMT
server
cloudflare
etag
"0220220e141268c4d8471991cd99edf0"
x-77-nzt-ray
596cea2e4bb23074aa82db6540e7c916
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
85b1e848aeba31e0-MIA
access-control-allow-headers
X-Requested-With
expires
Fri, 14 Feb 2025 08:35:10 GMT
0QIvMX1D_JOuMwX7I_FMl_GW8g.woff2
s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/
7 KB
7 KB
Font
General
Full URL
https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/0QIvMX1D_JOuMwX7I_FMl_GW8g.woff2
Requested by
Host: cheevasomretreat.us
URL: https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1dd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccabc1cba053baf8373665502b1aa1b0829558e09d896bed1444c96f44c86423

Request headers

Referer
https://cheevasomretreat.us/
Origin
https://cheevasomretreat.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-77-pop
miamiUSFL
date
Sun, 25 Feb 2024 18:10:50 GMT
cf-cache-status
MISS
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
885916
x-accel-date
1707998734
alt-svc
h3=":443"; ma=86400
content-length
7196
x-77-nzt
EgwBWbutCgHXnIQNAAwBnJI73wH3gDAAAA
x-77-age
898332
last-modified
Thu, 15 Feb 2024 08:21:24 GMT
server
cloudflare
etag
"2c1141394ce5e67222cc94495ccf1d00"
x-77-nzt-ray
596cea2e97c43174aa82db65dfc8b015
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
85b1e848aeb831e0-MIA
access-control-allow-headers
X-Requested-With
expires
Fri, 14 Feb 2025 08:38:38 GMT
0QIvMX1D_JOuMwT7I_FMl_GW8g.woff2
s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/
16 KB
16 KB
Font
General
Full URL
https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/0QIvMX1D_JOuMwT7I_FMl_GW8g.woff2
Requested by
Host: cheevasomretreat.us
URL: https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1dd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
728922b2759d016d2777aea778220c1686279d612918f77523a221e0f9d5da48

Request headers

Referer
https://cheevasomretreat.us/
Origin
https://cheevasomretreat.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-77-pop
miamiUSFL
date
Sun, 25 Feb 2024 18:10:50 GMT
cf-cache-status
MISS
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
885916
x-accel-date
1707998734
alt-svc
h3=":443"; ma=86400
content-length
16392
x-77-nzt
EgwBWbutCgHXnIQNAAwBnJI74gH3IzEAAA
x-77-age
898495
last-modified
Thu, 15 Feb 2024 08:21:24 GMT
server
cloudflare
etag
"9983cadfa3e5db29250d64cf8f481d04"
x-77-nzt-ray
596cea2e96c6334eaa82db6590e27f15
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
85b1e848aebe31e0-MIA
access-control-allow-headers
X-Requested-With
expires
Fri, 14 Feb 2025 08:35:55 GMT
0QIvMX1D_JOuMwr7I_FMl_E.woff2
s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/
35 KB
35 KB
Font
General
Full URL
https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/0QIvMX1D_JOuMwr7I_FMl_E.woff2
Requested by
Host: cheevasomretreat.us
URL: https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1dd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d70cd722981668fc5cc2087c373af7a3784c29f9bf39d21aadacf3589c93ec49

Request headers

Referer
https://cheevasomretreat.us/
Origin
https://cheevasomretreat.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-77-pop
miamiUSFL
date
Sun, 25 Feb 2024 18:10:51 GMT
cf-cache-status
MISS
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
885173
x-accel-date
1707999478
alt-svc
h3=":443"; ma=86400
content-length
35364
x-77-nzt
EgwBWbutCgHXtYENAAwBuTvfFAH3aDMAAA
x-77-age
898333
last-modified
Thu, 15 Feb 2024 08:21:25 GMT
server
cloudflare
etag
"2a6336437a14575ba0b5ee6c14a601ae"
x-77-nzt-ray
596cea2e94b3574eab82db65071a3c2f
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
85b1e848aeb731e0-MIA
access-control-allow-headers
X-Requested-With
expires
Fri, 14 Feb 2025 08:38:38 GMT
gtm.js
www.googletagmanager.com/
270 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TG56DMZ
Requested by
Host: cheevasomretreat.us
URL: https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b5d81794dc83aa7bcac0218b3c00b5bdf5478741136a31e47eae3dad3022ed21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cheevasomretreat.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 18:10:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94220
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 25 Feb 2024 18:10:50 GMT
platform.js
static.elfsight.com/platform/
48 KB
17 KB
Script
General
Full URL
https://static.elfsight.com/platform/platform.js
Requested by
Host: cheevasomretreat.us
URL: https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:455f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb7a4c81cad32e268d69dab0797be43a729e94bf17884e2c33f5a4de1f4823c1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cheevasomretreat.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 18:10:50 GMT
strict-transport-security
max-age=0
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx000002944742c753d07fd-0065cb64c7-53bcfc37-sfo2a
age
18
x-envoy-upstream-healthchecked-cluster
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 13 Feb 2024 12:43:55 GMT
server
cloudflare
etag
W/"ea938560ae1a20790bf6327458b05878"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/javascript
x-do-cdn-uuid
e32c40dc-02c3-4408-a6ec-51bfedff6dd9
x-rgw-object-type
Normal
cache-control
max-age=3600
cf-ray
85b1e848eec3336d-MIA
email-decode.min.js
cheevasomretreat.us/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://cheevasomretreat.us/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: cheevasomretreat.us
URL: https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:32c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cheevasomretreat.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 18:10:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 16 Feb 2024 14:40:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65cf73c3-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCgCab870K%2B8xzjrGLnSeWh6jgE%2FJ0VZN%2Bw9SzeVZ9MGmzhUMEMtT2iFO34YudXncpdHQOAuroEMphKy%2BQu5TI95QjIyTvgVurOuxlqTXq88uAhC9aXlVh0NtWhD9ebyykvvm45RKRg03HjcihuqTnvm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
85b1e8488f156daa-MIA
expires
Tue, 27 Feb 2024 18:10:50 GMT
5d568f5a042e40819d59e84305547877.jpg
our.uenicdn.com/image/upload/v1707582764/business/
75 KB
76 KB
Image
General
Full URL
https://our.uenicdn.com/image/upload/v1707582764/business/5d568f5a042e40819d59e84305547877.jpg
Requested by
Host: cheevasomretreat.us
URL: https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1dd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089b352c4a2cefca7a9a3fa71e7226a3aa91e05e63b30728ae7aa5bd189ad542
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cheevasomretreat.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-77-pop
miamiUSFL
date
Sun, 25 Feb 2024 18:10:50 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
cf-cache-status
MISS
x-77-cache
HIT
x-cache
MISS
server-timing
cld-akam;mitm=cio;dur=19;start=2024-02-25T06:30:45.900Z;desc=hit,rtt;dur=18,content-info;desc="width=1000,height=650,bytes=77223,o=1,ef=(17)"
x-accel-date
1708842645
alt-svc
h3=":443"; ma=86400
content-length
77223
x-77-nzt
EggBWbutCgFBDAG5O98UAfcVpAAA
x-77-age
42005
last-modified
Sat, 10 Feb 2024 16:32:45 GMT
server
cloudflare
etag
"b4e44381ea2b036412246377ee147dbd"
x-77-nzt-ray
596cea2e26b6df75aa82db65dc9c631c
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, max-age=31536000, no-transform, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85b1e8495bb84c07-MIA
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cheevasomretreat.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
image/webp
15166b9e0f1f4de4b697d3d6cd18b48b.jpg
speedy.uenicdn.com/91e35f36-fe63-484b-ac30-c87d830e367a/c620_400a/image/upload/v1707578586/business/
26 KB
26 KB
Image
General
Full URL
https://speedy.uenicdn.com/91e35f36-fe63-484b-ac30-c87d830e367a/c620_400a/image/upload/v1707578586/business/15166b9e0f1f4de4b697d3d6cd18b48b.jpg
Requested by
Host: cheevasomretreat.us
URL: https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:366e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01f29fece58e9aa0a473a5a6d697c82802b1978f648033518d2ba415d21532ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cheevasomretreat.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-77-pop
miamiUSFL
date
Sun, 25 Feb 2024 18:10:52 GMT
cf-cache-status
MISS
x-amz-request-id
V2MGBN28S76Y6YR5
x-77-cache
MISS
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
26798
x-amz-id-2
RjiDT3z4XOAC2Sl/iYUa+hGIizS3RpgRBdayoa1o9L8y8lYJ2EEueUdk4uCWtYgbuQA4SvGW1Cc=
x-77-nzt
EggBWbutCgFBCAGckjviAYE
x-amz-expiration
expiry-date="Fri, 22 Mar 2024 00:00:00 GMT", rule-id="purge_old_images"
last-modified
Sat, 10 Feb 2024 16:05:37 GMT
server
cloudflare
etag
"60eb693aeb2794941a4c55dedf255ce9"
x-77-nzt-ray
596cea2e89cc638bab82db6509ab0d38
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
85b1e8527eaa335e-MIA
js
www.googletagmanager.com/gtag/
223 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3TDFK2EWVH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG56DMZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc7f0a546a345b23808f5e18628fc3890dd0f801e19721551dd0f2e33b12bdd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cheevasomretreat.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 18:10:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81074
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 25 Feb 2024 18:10:52 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TG56DMZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cheevasomretreat.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 25 Feb 2024 17:51:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1150
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 25 Feb 2024 19:51:42 GMT
collect
www.google-analytics.com/g/
0
173 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3TDFK2EWVH&gtm=45je42l0v9134332577z8839751687za200&_p=1708884650247&gcd=13l3l3l3l1&npa=0&dma=0&cid=1933463193.1708884652&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708884652&sct=1&seg=0&dl=https%3A%2F%2Fcheevasomretreat.us%2F&dt=Cheeva%20Som%20Retreat%20-%20Spa%20in%20Houston&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2314
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3TDFK2EWVH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cheevasomretreat.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Feb 2024 18:10:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cheevasomretreat.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
94 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=567233909&t=pageview&_s=1&dl=https%3A%2F%2Fcheevasomretreat.us%2F&ul=en-us&de=UTF-8&dt=Cheeva%20Som%20Retreat%20-%20Spa%20in%20Houston&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1703000919&gjid=1124850446&cid=1933463193.1708884652&tid=UA-91212729-13&_gid=1754955438.1708884652&_r=1&_slc=1&gtm=45He42l0n81TG56DMZv839751687za220&cd1=cheeva-som-retreat&cd20=email&gcd=13l3l3l3l1&dma=0&z=516238867
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cheevasomretreat.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Feb 2024 18:10:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cheevasomretreat.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
2 B
349 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-91212729-13&cid=1933463193.1708884652&jid=1703000919&gjid=1124850446&_gid=1754955438.1708884652&_u=YCDACEAABAAAACAAI~&z=388412259
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cheevasomretreat.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 25 Feb 2024 18:10:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cheevasomretreat.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-91212729-13&cid=1933463193.1708884652&jid=1703000919&_u=YCDACEAABAAAACAAI~&z=885892289
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cheevasomretreat.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Feb 2024 18:10:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
214 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cheevasomretreat.us
URL: https://cheevasomretreat.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cheevasomretreat.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 25 Feb 2024 18:10:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
Ff6nBrnkmw0kqDSzQwem8nrSJB7uo6PRZDtchYKOjbHbCUnn91ZK2fuDSsXo8aX30bZeOrv3ae9AerNc46TNDw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
992364281277376
connect.facebook.net/signals/config/
66 KB
16 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/992364281277376?v=2.9.147&r=stable&domain=cheevasomretreat.us&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
12973f36403bff628bbe02b3daaa46d667624bb448f9d412cafab81b77f7e1c6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cheevasomretreat.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 25 Feb 2024 18:10:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
naSPJ9ckRbQwGBiUFaiBSQiXrRY0kx1NRvGb04ydhS8hei3nY1FaKr43VkBCdHSuCACX+twwFrhUTzLFlLEu3A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=992364281277376&ev=PageView&dl=https%3A%2F%2Fcheevasomretreat.us&rl=&if=false&ts=1708884659395&sw=1600&sh=1200&v=2.9.147&r=stable&a=PLUENI&ec=0&o=4124&fbp=fb.1.1708884659391.756689940&cs_est=true&pm=1&hrl=0ac7c3&ler=empty&cdl=API_unavailable&it=1708884658058&coo=false&cs_cc=1&exp=e1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cheevasomretreat.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 25 Feb 2024 18:10:59 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer object| __PRELOAD_DATA__ object| __PRELOAD_TRANSLATIONS__ string| __PRELOAD_LOCALE__ object| __PRELOAD_APP_CONTEXT__ number| __mobxInstanceCount object| __mobxGlobals function| _ number| 2f1acc6c3a606b082e5eef5e54414ffb object| __SENTRY__ object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| ueni object| _scrollContext object| google_tag_manager object| google_tag_data object| eapps string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData function| fbq function| _fbq

5 Cookies

Domain/Path Name / Value
.cheevasomretreat.us/ Name: _gcl_au
Value: 1.1.1403690759.1708884652
.cheevasomretreat.us/ Name: _ga_3TDFK2EWVH
Value: GS1.1.1708884652.1.0.1708884652.0.0.0
.cheevasomretreat.us/ Name: _ga
Value: GA1.2.1933463193.1708884652
.cheevasomretreat.us/ Name: _gid
Value: GA1.2.1754955438.1708884652
.cheevasomretreat.us/ Name: _gat_UA-91212729-13
Value: 1

4 Console Messages

Source Level URL
Text
javascript warning URL: https://cheevasomretreat.us/
Message:
The resource https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/0QIvMX1D_JOuMw77I_FMl_GW8g.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://cheevasomretreat.us/
Message:
The resource https://s.uenicdn.com/assets/acf00c8a78b8f43cec44f4d19b838a14081e3d02/static/fonts/lora/0QIvMX1D_JOuMwf7I_FMl_GW8g.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://cheevasomretreat.us/
Message:
The resource https://api.maptiler.com/maps/streets/style.json?key=OnLW5fSzsfAkkYcTBW9y was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
other warning URL: https://connect.facebook.net/signals/config/992364281277376?v=2.9.147&r=stable&domain=cheevasomretreat.us&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.maptiler.com
cheevasomretreat.us
connect.facebook.net
our.uenicdn.com
s.uenicdn.com
speedy.uenicdn.com
static.elfsight.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
2606:4700:10::6816:366e
2606:4700:10::6816:455f
2606:4700:10::ac43:1dd2
2606:4700:3034::6815:32c5
2606:4700::6811:5a57
2607:f8b0:4004:c07::9d
2607:f8b0:4006:820::2004
2607:f8b0:4006:820::2008
2607:f8b0:4006:821::200e
2a03:2880:f112:83:face:b00c:0:25de
31.13.71.7
01248c0c4b971b215e14249e2a1137f1d31a8482d930e414b41319101de171e9
01f29fece58e9aa0a473a5a6d697c82802b1978f648033518d2ba415d21532ba
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
089b352c4a2cefca7a9a3fa71e7226a3aa91e05e63b30728ae7aa5bd189ad542
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
12973f36403bff628bbe02b3daaa46d667624bb448f9d412cafab81b77f7e1c6
1d777ec43a5f40a3b283754ae59bbe392f4578131ae845d683c8f63e3dab3478
203ea888efee464b8b65934f6caa1406b56de74c3637d501ad493f8271855113
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3b44e5b9fee146d0ce2c344cd59ded262f33d25f28e0c842e33d6502d97f9a94
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
728922b2759d016d2777aea778220c1686279d612918f77523a221e0f9d5da48
90de592c6489c955f568d6e8e9c95078b7f48e0d02a5c4ab69dbe8a1399a7a21
941eb2e7ffcad90c9825522d7b795137b187e89723081ed066747a3102a8f67e
942c4ff867fef78f05d7cafffdf2f0b7d3d7dabe1c25dea44637758de41ccd0c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b4472704c959cc16491598c23e505bc4bb953cbd03a0759bcd608af92f1f61ec
b5d81794dc83aa7bcac0218b3c00b5bdf5478741136a31e47eae3dad3022ed21
ccabc1cba053baf8373665502b1aa1b0829558e09d896bed1444c96f44c86423
d70cd722981668fc5cc2087c373af7a3784c29f9bf39d21aadacf3589c93ec49
dc7f0a546a345b23808f5e18628fc3890dd0f801e19721551dd0f2e33b12bdd6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb7a4c81cad32e268d69dab0797be43a729e94bf17884e2c33f5a4de1f4823c1
fc1b88e79c0efb2fbf104b3cbb60eec539102e393c550aa3e1fc54a919dae273