urlscan.io logo urlscan.io
SecurityTrails logo

retreat.intelligentchange.com Open in urlscan Pro
63.32.161.232  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://retreat.intelligentchange.com/
Effective URL: https://retreat.intelligentchange.com/homepage/password
Submission: On June 15 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 15 HTTP transactions. The main IP is 63.32.161.232, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is retreat.intelligentchange.com.
TLS certificate: Issued by R10 on June 13th 2024. Valid for: 3 months.
This is the only time retreat.intelligentchange.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 63.32.161.232 16509 (AMAZON-02)
7 2600:9000:211... 16509 (AMAZON-02)
5 104.17.25.14 13335 (CLOUDFLAR...)
1 52.216.45.8 16509 (AMAZON-02)
1 1 54.216.252.255 16509 (AMAZON-02)
1 52.218.120.186 16509 (AMAZON-02)
15 5
2    63.32.161.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-161-232.eu-west-1.compute.amazonaws.com
retreat.intelligentchange.com
7    2600:9000:211e:4200:19:c7e:dac0:21 (United States)

ASN16509 (AMAZON-02, US)
d17t27i218htgr.cloudfront.net
5    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    52.216.45.8 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    54.216.252.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-252-255.eu-west-1.compute.amazonaws.com
myeasol.com
1    52.218.120.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com
fixers-marketplace-assets.s3.eu-west-1.amazonaws.com
Apex Domain
Subdomains		 Transfer
7 cloudfront.net
d17t27i218htgr.cloudfront.net
181 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 265
551 KB
2 amazonaws.com
s3.amazonaws.com
fixers-marketplace-assets.s3.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 609149
253 KB
2 intelligentchange.com
retreat.intelligentchange.com
12 KB
1 myeasol.com
myeasol.com — Cisco Umbrella Rank: 593460
2 KB
15 5
Domain Requested by
7 d17t27i218htgr.cloudfront.net retreat.intelligentchange.com
5 cdnjs.cloudflare.com retreat.intelligentchange.com
2 retreat.intelligentchange.com 1 redirects
1 fixers-marketplace-assets.s3.eu-west-1.amazonaws.com d17t27i218htgr.cloudfront.net
1 myeasol.com 1 redirects
1 s3.amazonaws.com retreat.intelligentchange.com
15 6

This site contains links to these domains. Also see Links.

Domain
easol.com
Subject Issuer Validity Valid
retreat.intelligentchange.com
R10		 2024-06-13 -
2024-09-11		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2024-05-25 -
2025-05-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://retreat.intelligentchange.com/homepage/password
Frame ID: F55A01B887597B91E1C1EE4FADC4FDEB
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Intelligent Change Retreat

Page URL History Show full URLs

  1. https://retreat.intelligentchange.com/ HTTP 302
    https://retreat.intelligentchange.com/homepage/password Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

93 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

995 kB
Transfer

2846 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://retreat.intelligentchange.com/ HTTP 302
    https://retreat.intelligentchange.com/homepage/password Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://myeasol.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaWxsT1RKbU9UVTFaQzFoWW1abUxUUXhaVFV0WW1ZM01pMWpZemt4TXpKalptWmpNemtHT2daRlZBPT0iLCJleHAiOm51bGwsInB1ciI6ImJsb2JfaWQifX0=--2bbfe2d39c84ec91e7d13d41c2464b6f116d0108/EuclidCircularB-Regular.otf HTTP 302
  • https://fixers-marketplace-assets.s3.eu-west-1.amazonaws.com/8ehl5bdps10y1mb5c9jvm13c42vj?response-content-disposition=attachment%3B%20filename%3D%22EuclidCircularB-Regular.otf%22%3B%20filename%2A%3DUTF-8%27%27EuclidCircularB-Regular.otf&response-content-type=font%2Fotf&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA6HAIIVBY3YGTDTEM%2F20240615%2Feu-west-1%2Fs3%2Faws4_request&X-Amz-Date=20240615T024126Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=a92448934cc4e59d23a896763b85405cc6779a2b04c84600fedf58e1475c24d3

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request password
retreat.intelligentchange.com/homepage/
Redirect Chain
  • https://retreat.intelligentchange.com/
  • https://retreat.intelligentchange.com/homepage/password
29 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://retreat.intelligentchange.com/homepage/password
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
63.32.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-161-232.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
727556735d3e83b171681fcfcb80dd536ab1d00e722f39b27c7267f33af72107
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Language
de
Content-Type
text/html; charset=utf-8
Date
Sat, 15 Jun 2024 02:41:24 GMT
Etag
W/"52c9223e3c6b3e0b0ca28db95f7443ee"
Link
<https://d17t27i218htgr.cloudfront.net/sites/ecf63d23-e696-4dd9-ba04-0c6634b49ebe/assets/site_style?hash=5236d526fd43a63165e70d6eaba5a6bf>; rel=preload; as=style; nopush,<https://d17t27i218htgr.cloudfront.net/assets/jquery-pre-5e9d359d1f417f8169bc84780810243b5c539d20405d200093408a1c730c692d.js>; rel=preload; as=script; nopush,<https://d17t27i218htgr.cloudfront.net/assets/sites.bundle-e7f2565208617fd7751bc3969d0927905cf6f98bc39997570a85fdab6ff064ff.js>; rel=preload; as=script; nopush,<https://d17t27i218htgr.cloudfront.net/sites/ecf63d23-e696-4dd9-ba04-0c6634b49ebe/assets/scripts.js?hash=91245a0fd069ac0c073d0674266af2e0>; rel=preload; as=script; nopush
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718419285&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=ynUB29gDi0MUia33gIaG55%2F3i9uFFjpkI%2F31keGrTfw%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718419285&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=ynUB29gDi0MUia33gIaG55%2F3i9uFFjpkI%2F31keGrTfw%3D
Server
Cowboy
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Via
1.1 vegur, 1.1 vegur
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Proxy-Version
01bfadb51e1061b208f7ea8b6b1d96d2789cb213
X-Request-Id
38a9d8ff-3821-4909-a792-b2708900d29e
X-Runtime
0.071989
X-Xss-Protection
0

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Language
de
Content-Type
text/html; charset=utf-8
Date
Sat, 15 Jun 2024 02:41:24 GMT
Location
https://retreat.intelligentchange.com/homepage/password
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718419285&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=ynUB29gDi0MUia33gIaG55%2F3i9uFFjpkI%2F31keGrTfw%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718419285&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=ynUB29gDi0MUia33gIaG55%2F3i9uFFjpkI%2F31keGrTfw%3D
Server
Cowboy
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Via
1.1 vegur, 1.1 vegur
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Proxy-Version
01bfadb51e1061b208f7ea8b6b1d96d2789cb213
X-Request-Id
4a63ec92-158b-4061-8f52-92754bfd6a24
X-Runtime
0.024913
X-Xss-Protection
0
site_style
d17t27i218htgr.cloudfront.net/sites/ecf63d23-e696-4dd9-ba04-0c6634b49ebe/assets/ 		131 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d17t27i218htgr.cloudfront.net/sites/ecf63d23-e696-4dd9-ba04-0c6634b49ebe/assets/site_style?hash=5236d526fd43a63165e70d6eaba5a6bf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4200:19:c7e:dac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
a803b04f0459c3a101dfb29a9be97784f79329d0e624dbf502056a4aa9ae51da
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://retreat.intelligentchange.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 02:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
via
1.1 vegur, 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
x-xss-protection
0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718419285&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=ynUB29gDi0MUia33gIaG55%2F3i9uFFjpkI%2F31keGrTfw%3D
x-request-id
bb71e87c-2f7b-4ae8-8e49-fe483b25d7b1
x-runtime
0.734947
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 01 Jan 2011 00:00:00 GMT
server
Cowboy
etag
W/"325078a824c63bc8ae646fd37995df80"
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718419285&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=ynUB29gDi0MUia33gIaG55%2F3i9uFFjpkI%2F31keGrTfw%3D"}]}
content-type
text/css; charset=utf-8
content-language
en
cache-control
max-age=3155695200, public
vary
Accept-Encoding
x-amz-cf-id
lq_-Oy_KXJ5suq9wCBig5vWL4nPsyLBFXX8fCRft2GPYjbEiAdf3IA==
jquery-pre-5e9d359d1f417f8169bc84780810243b5c539d20405d200093408a1c730c692d.js
d17t27i218htgr.cloudfront.net/assets/ 		287 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d17t27i218htgr.cloudfront.net/assets/jquery-pre-5e9d359d1f417f8169bc84780810243b5c539d20405d200093408a1c730c692d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4200:19:c7e:dac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
9d02ee01919145c20b03ee9d3013af7118793dedf5d2c0696a773af90066c953
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://retreat.intelligentchange.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 12 Feb 2024 17:11:30 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
FRA56-C2
age
10661394
x-cache
Hit from cloudfront
content-length
86394
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1707757891&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=bJKj79M6%2BO4qvhBZ29GArkb8HP2YQb6dPqZdwGzzHDc%3D
last-modified
Wed, 27 Sep 2023 16:27:42 GMT
server
Cowboy
vary
accept-encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1707757891&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=bJKj79M6%2BO4qvhBZ29GArkb8HP2YQb6dPqZdwGzzHDc%3D"}]}
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
HCoz9ms7GhxQiB9gL6UI08-hffpA-UzX0BhRG93sTkTaOJMYVu8FsQ==
sites.bundle-e7f2565208617fd7751bc3969d0927905cf6f98bc39997570a85fdab6ff064ff.js
d17t27i218htgr.cloudfront.net/assets/ 		136 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d17t27i218htgr.cloudfront.net/assets/sites.bundle-e7f2565208617fd7751bc3969d0927905cf6f98bc39997570a85fdab6ff064ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4200:19:c7e:dac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
41f2fe84201175d325f658067ceadd3845ca9c4b07ff665d23d9be53c92be9fb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://retreat.intelligentchange.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:56:34 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
FRA56-C2
age
3941090
x-cache
Hit from cloudfront
content-length
39380
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1714478195&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=7ZrKuwPjh2k0sAjrkEvmf%2BDD7QiqrugZDjwFJc0zusE%3D
last-modified
Tue, 30 Apr 2024 11:50:27 GMT
server
Cowboy
vary
accept-encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1714478195&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=7ZrKuwPjh2k0sAjrkEvmf%2BDD7QiqrugZDjwFJc0zusE%3D"}]}
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
LhJc2wp8N0tF7o9PE2xQrY6XbGlcLFwsJnAhfxEuPXmdMqFHnSGjyA==
scripts.js
d17t27i218htgr.cloudfront.net/sites/ecf63d23-e696-4dd9-ba04-0c6634b49ebe/assets/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d17t27i218htgr.cloudfront.net/sites/ecf63d23-e696-4dd9-ba04-0c6634b49ebe/assets/scripts.js?hash=91245a0fd069ac0c073d0674266af2e0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4200:19:c7e:dac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
df5c1c260499ab2071075654680f5c733d0be3a7dbca9f0764fdd4655ce88783
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://retreat.intelligentchange.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 02:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies
none
via
1.1 vegur, 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
x-xss-protection
0
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718419285&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=ynUB29gDi0MUia33gIaG55%2F3i9uFFjpkI%2F31keGrTfw%3D
x-request-id
c5b4a636-a787-42f4-896a-19a2b6edf76f
x-runtime
0.012126
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 01 Jan 2011 00:00:00 GMT
server
Cowboy
etag
W/"fc8d274c66058c80c20644e17f17e018"
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718419285&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=ynUB29gDi0MUia33gIaG55%2F3i9uFFjpkI%2F31keGrTfw%3D"}]}
content-type
text/javascript; charset=utf-8
content-language
en
cache-control
max-age=3155695200, public
vary
Accept-Encoding
x-amz-cf-id
GXt7-H0uIrwtlwUgCKOA1kBiv097YWXiJNwbEWRSi2XgjuInqrHiOA==
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: retreat.intelligentchange.com
URL: https://retreat.intelligentchange.com/homepage/password
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://retreat.intelligentchange.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 02:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
87845
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sv6rKwJF9wxEjnTl8sfVFLLy9TitozjMdw1SoKOnxg75HueipYdpj4oce4mQY2zb%2F31hOSO3P0DvwLeFFyylDh5W7miYLS111sMfFQ8V4MnHRuDkgbBg8NpOoVqKsab8%2BonmU%2Fjv"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
893f33771db9193b-FRA
expires
Thu, 05 Jun 2025 02:41:25 GMT
IC_Wordmark_BLACK.png
d17t27i218htgr.cloudfront.net/rails/active_storage/representations/proxy/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaWt5TWpoak9HSTRPQzAyTlRCa0xUUmlOMk10T0RCa09DMWhOMkl3TkRKbU1HUTVZMkVHT2daRlZBPT0iLCJleHAi... 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d17t27i218htgr.cloudfront.net/rails/active_storage/representations/proxy/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaWt5TWpoak9HSTRPQzAyTlRCa0xUUmlOMk10T0RCa09DMWhOMkl3TkRKbU1HUTVZMkVHT2daRlZBPT0iLCJleHAiOm51bGwsInB1ciI6ImJsb2JfaWQifX0=--0c5e79605c78c89fc3358ed87fa4a58b20837cd8/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9MWm05eWJXRjBTU0lJY0c1bkJqb0dSVlE2RkhKbGMybDZaVjkwYjE5c2FXMXBkRnNIYVFJY0FqQTZDbk5oZG1WeWV3YzZDbk4wY21sd1ZEb01jWFZoYkdsMGVXbGEiLCJleHAiOm51bGwsInB1ciI6InZhcmlhdGlvbiJ9fQ==--061d2e69d2f608c1e3e496e991f46a808bd47955/IC_Wordmark_BLACK.png
Requested by
Host: retreat.intelligentchange.com
URL: https://retreat.intelligentchange.com/homepage/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4200:19:c7e:dac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
b6e20caf8e61a842cfd5118e9056418f47c0c76f661515b89079765f2139e470
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://retreat.intelligentchange.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 02:41:25 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-disposition
inline; filename="IC_Wordmark_BLACK.png"; filename*=UTF-8''IC_Wordmark_BLACK.png
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718419285&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=ynUB29gDi0MUia33gIaG55%2F3i9uFFjpkI%2F31keGrTfw%3D
x-request-id
d64fe2f6-1353-4f88-bcde-8b134fb96433
x-runtime
0.097829
last-modified
Sat, 01 Jan 2011 00:00:00 GMT
server
Cowboy
etag
W/"756c1d2ac2115ab34219eb48bc926ab5"
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718419285&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=ynUB29gDi0MUia33gIaG55%2F3i9uFFjpkI%2F31keGrTfw%3D"}]}
content-type
image/png
content-language
en
cache-control
max-age=3155695200, public
x-amz-cf-id
nYXcjmrR9h5mVY02U23CgwY-MyKkw11JC__D-tBsTaQAArZaDoq39Q==
IC_Wordmark_BLACK.png
d17t27i218htgr.cloudfront.net/rails/active_storage/representations/proxy/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaWxrTlRnME1ERTRNaTB4WldObExUUTJaVEV0WVdFelpDMWhOMkppT0RVMU1qQTFaalVHT2daRlZBPT0iLCJleHAi... 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d17t27i218htgr.cloudfront.net/rails/active_storage/representations/proxy/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaWxrTlRnME1ERTRNaTB4WldObExUUTJaVEV0WVdFelpDMWhOMkppT0RVMU1qQTFaalVHT2daRlZBPT0iLCJleHAiOm51bGwsInB1ciI6ImJsb2JfaWQifX0=--2799b6a2b3d8ff856d7fed0b9a3cfe3fdced394a/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdDRG9MWm05eWJXRjBTU0lJY0c1bkJqb0dSVlE2RkhKbGMybDZaVjkwYjE5c2FXMXBkRnNIYVFJY0FqQTZDbk5oZG1WeWV3YzZDbk4wY21sd1ZEb01jWFZoYkdsMGVXbGEiLCJleHAiOm51bGwsInB1ciI6InZhcmlhdGlvbiJ9fQ==--061d2e69d2f608c1e3e496e991f46a808bd47955/IC_Wordmark_BLACK.png
Requested by
Host: retreat.intelligentchange.com
URL: https://retreat.intelligentchange.com/homepage/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4200:19:c7e:dac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
b6e20caf8e61a842cfd5118e9056418f47c0c76f661515b89079765f2139e470
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://retreat.intelligentchange.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 11:50:29 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
FRA56-C2
age
917456
x-cache
Hit from cloudfront
content-disposition
inline; filename="IC_Wordmark_BLACK.png"; filename*=UTF-8''IC_Wordmark_BLACK.png
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1717501829&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=jeHjjS08G5dr%2FPPonuiXYRlfFH5WNQToMSSHUb1MqpI%3D
x-request-id
9ba53911-4091-49cb-88c4-9f3779a41838
x-runtime
0.105136
last-modified
Sat, 01 Jan 2011 00:00:00 GMT
server
Cowboy
etag
W/"1d27d09763e821303ca9b9afed148d7f"
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717501829&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=jeHjjS08G5dr%2FPPonuiXYRlfFH5WNQToMSSHUb1MqpI%3D"}]}
content-type
image/png
content-language
en
cache-control
max-age=3155695200, public
x-amz-cf-id
WZvWN48F--Vh-OsfE0gtn5Na3iouJEAh5eVIrg_vqPuT2bQOn07ccA==
swiper-bundle.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/7.2.0/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/7.2.0/swiper-bundle.min.css
Requested by
Host: retreat.intelligentchange.com
URL: https://retreat.intelligentchange.com/homepage/password
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5297ba46897d0955bf211bd3d4239fc52a7add3a8830e7dec65523c022a75a9c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://retreat.intelligentchange.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 02:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2007002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3836
last-modified
Wed, 27 Oct 2021 11:08:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6179333d-efc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qMdnCh02sRVNdgt%2BBH0n6GPKx2HKsxVKB3iCADmSzt0KjC%2BQwq1Y1J6Z1aOvrUQHaaWX56IN4zBEzaqqHO8IcB9vd5p1nlCGga8vs%2FpQ%2BkMH8fvNpmw7h8yFMNW7Ts%2B36G4DAGWd"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
893f33771f443667-FRA
expires
Thu, 05 Jun 2025 02:41:25 GMT
swiper-bundle.min.js
cdnjs.cloudflare.com/ajax/libs/Swiper/7.2.0/ 		132 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/7.2.0/swiper-bundle.min.js
Requested by
Host: retreat.intelligentchange.com
URL: https://retreat.intelligentchange.com/homepage/password
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
330fe5965859f5757348be82340b21f1d473cc9b3fb8c3b1fcd4e082aaf4c0a9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://retreat.intelligentchange.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 02:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
884888
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
32994
last-modified
Wed, 27 Oct 2021 11:08:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6179333d-80e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2Bc%2Fah6XUo7e6uFNVTio2sKommHsewgMwRHFjm7UgGu9%2FG82s%2BEaj42fyB1Aw6lIVTwM37GxZxvb6zYyigfCKg0s38JlwQF%2B0YE95nUq0Wq8uJ0%2BkKoorou7nXuUUVhZ9CC1SdUT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
893f33771f433667-FRA
expires
Thu, 05 Jun 2025 02:41:25 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/ 		98 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css
Requested by
Host: retreat.intelligentchange.com
URL: https://retreat.intelligentchange.com/homepage/password
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://retreat.intelligentchange.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 02:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
122361
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17041
last-modified
Tue, 22 Mar 2022 17:32:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"623a082a-4291"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KeJpXhwpgqLALw0ZgRRyxyMNy9ezPjFuZ2Ezyiwy6X19IJCApJxjQ5jXWnCREY9bF98l0igV43tmZtAINT9io5F3KJstLIa10R8V9A01MAPkTxedxDE7%2BMC69fwtDtoVKe6fdEk9"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
893f33771f413667-FRA
expires
Thu, 05 Jun 2025 02:41:25 GMT
all.min.js
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/js/ 		2 MB
490 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/js/all.min.js
Requested by
Host: retreat.intelligentchange.com
URL: https://retreat.intelligentchange.com/homepage/password
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8735c609d465ac29d79bd284e7f08bfe7777de77c4743ca96bb55284d041a785
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://retreat.intelligentchange.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 02:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1312315
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
501024
last-modified
Tue, 22 Mar 2022 17:32:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"623a082a-7a520"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bIUwH6Vprq5itB0SE9CECgEO58FtCOUTtOiSmQDagz6A2c911RI2aFCTTsPyhi6gyTdhDWII3qKTwPK%2BzTEDvpZyyXVtX7PzTALNw0SetyejlZ3J5%2BrL0Vwzq46cl%2BbWpbVYwAC5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
893f33771f403667-FRA
expires
Thu, 05 Jun 2025 02:41:25 GMT
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ 		140 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by
Host: retreat.intelligentchange.com
URL: https://retreat.intelligentchange.com/homepage/password
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.45.8 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://retreat.intelligentchange.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 15 Jun 2024 02:41:26 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:38 GMT
Server
AmazonS3
x-amz-request-id
B45GH1JWRQKYGPEM
ETag
"6465dd4a8331265e6629cd069e03504c"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
143249
x-amz-id-2
N7GSM1F5fJ2xjI65QfOgaRjgmxSMAeqGoRNQTmu96jalW9TFY++Z1sp5f9EmNtqtO3EncQinId4=
8ehl5bdps10y1mb5c9jvm13c42vj
fixers-marketplace-assets.s3.eu-west-1.amazonaws.com/
Redirect Chain
  • https://myeasol.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaWxsT1RKbU9UVTFaQzFoWW1abUxUUXhaVFV0WW1ZM01pMWpZemt4TXpKalptWmpNemtHT2daRlZBPT0iLCJleHAiOm51bGwsInB1ciI6I...
  • https://fixers-marketplace-assets.s3.eu-west-1.amazonaws.com/8ehl5bdps10y1mb5c9jvm13c42vj?response-content-disposition=attachment%3B%20filename%3D%22EuclidCircularB-Regular.otf%22%3B%20filename%2A%...
112 KB
113 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fixers-marketplace-assets.s3.eu-west-1.amazonaws.com/8ehl5bdps10y1mb5c9jvm13c42vj?response-content-disposition=attachment%3B%20filename%3D%22EuclidCircularB-Regular.otf%22%3B%20filename%2A%3DUTF-8%27%27EuclidCircularB-Regular.otf&response-content-type=font%2Fotf&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA6HAIIVBY3YGTDTEM%2F20240615%2Feu-west-1%2Fs3%2Faws4_request&X-Amz-Date=20240615T024126Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=a92448934cc4e59d23a896763b85405cc6779a2b04c84600fedf58e1475c24d3
Requested by
Host: d17t27i218htgr.cloudfront.net
URL: https://d17t27i218htgr.cloudfront.net/sites/ecf63d23-e696-4dd9-ba04-0c6634b49ebe/assets/site_style?hash=5236d526fd43a63165e70d6eaba5a6bf
Protocol
HTTP/1.1
Server
52.218.120.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
27dfb3a92841554eddbb47efe9c6514bc3c1066a8cb839c99e680a606062a82e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://d17t27i218htgr.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 15 Jun 2024 02:41:28 GMT
Last-Modified
Thu, 13 Jun 2024 14:25:46 GMT
Server
AmazonS3
x-amz-request-id
WAA8PR37XEX9XBD5
ETag
"87170575dfe4530a458c65b9fe77685b"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Content-Type
font/otf
Content-Disposition
attachment; filename="EuclidCircularB-Regular.otf"; filename*=UTF-8''EuclidCircularB-Regular.otf
Accept-Ranges
bytes
Content-Length
115168
x-amz-id-2
C7NkNxmCQbNyQ7UrIg1VI4mvT45ezRs6Q7ztFI1EJmR9Yh01331wVHVvs0+qtEBjgeMqZMsQGmU=

Redirect headers

Date
Sat, 15 Jun 2024 02:41:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubDomains
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Permitted-Cross-Domain-Policies
none
Via
1.1 vegur
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
0
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718419286&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=6z8poTbfBDnNHdyNSqxFv8ULau4NQj%2B%2FlaBha4DeXWs%3D
X-Request-Id
236d14fc-3cd8-49a5-905e-c7bfeb065fe0
X-Runtime
0.009777
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
X-Download-Options
noopen
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
GET, POST, OPTIONS
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718419286&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=6z8poTbfBDnNHdyNSqxFv8ULau4NQj%2B%2FlaBha4DeXWs%3D"}]}
Access-Control-Allow-Origin
*
Location
https://fixers-marketplace-assets.s3.eu-west-1.amazonaws.com/8ehl5bdps10y1mb5c9jvm13c42vj?response-content-disposition=attachment%3B%20filename%3D%22EuclidCircularB-Regular.otf%22%3B%20filename%2A%3DUTF-8%27%27EuclidCircularB-Regular.otf&response-content-type=font%2Fotf&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA6HAIIVBY3YGTDTEM%2F20240615%2Feu-west-1%2Fs3%2Faws4_request&X-Amz-Date=20240615T024126Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=a92448934cc4e59d23a896763b85405cc6779a2b04c84600fedf58e1475c24d3
Access-Control-Expose-Headers
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=300, private
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding, Origin
Content-Language
de
favicon32x32.png
d17t27i218htgr.cloudfront.net/rails/active_storage/blobs/proxy/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaWxqTnpOaFl6aGxOeTFsTjJJd0xUUmhOR0l0T0Raa01pMDRNRE13TURBMk1qVTJNVGdHT2daRlZBPT0iLCJleHAiOm51bGwsIn... 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d17t27i218htgr.cloudfront.net/rails/active_storage/blobs/proxy/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaWxqTnpOaFl6aGxOeTFsTjJJd0xUUmhOR0l0T0Raa01pMDRNRE13TURBMk1qVTJNVGdHT2daRlZBPT0iLCJleHAiOm51bGwsInB1ciI6ImJsb2JfaWQifX0=--8e84f882d178881fd4f5fa9f7584588d8ac79898/favicon32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4200:19:c7e:dac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
d7c5cd0b8c8ba88ca89e8d02c3cbda427fd897fffd9ed73cb6761cd801496f68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://retreat.intelligentchange.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 18:33:48 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
FRA56-C2
age
2362058
x-cache
Hit from cloudfront
content-disposition
inline; filename="favicon32x32.png"; filename*=UTF-8''favicon32x32.png
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1716057228&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=bVNd%2BxJGhP81VyVWLecpdmxYyyGT3Q7gLzbeGc9C6L8%3D
x-request-id
5ce6f680-ce7f-4015-9a08-bd4df05c1291
x-runtime
0.067834
last-modified
Sat, 01 Jan 2011 00:00:00 GMT
server
Cowboy
etag
W/"121811305c840acf98494a1cdfe62ccc"
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1716057228&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=bVNd%2BxJGhP81VyVWLecpdmxYyyGT3Q7gLzbeGc9C6L8%3D"}]}
content-type
image/png
content-language
en
cache-control
max-age=3155695200, public
accept-ranges
bytes
x-amz-cf-id
BWQHhdo08pBRBuRv9QniXAr0R-hQpv5iYb4YJQu4utW50rYFpMPTvg==

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| event object| fence object| sharedStorage function| createDelays function| getHeaderHeight function| navScroll function| openOverlay function| closeOverlay function| toggleOverlay function| showSubnav function| setMenuPosition function| Swiper object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| $ function| jQuery object| mc function| $mcj object| fnames object| ftypes object| easol object| DD_LOGS object| Easol object| acc function| disableButton function| enableButton function| attachNumStepper function| attachDropdown function| showPleaseWait function| viewRoom function| closeRoom function| showOccupancy function| showCalendar function| setActiveDates function| resetActiveDates function| covertDateFormat function| updateDateText function| disableInvalidDates function| resetInvalidDates function| handleDateSelect function| updatePrices function| updateTotal function| disableCheckoutDates function| viewModifiers function| closeModifiers function| selectModifier function| deselectModifier function| toggleModifier function| selectedInputsForGroup function| validateModifierGroup function| validateModifierGroups function| nextModifiers function| appendModifier function| appendModifiers function| submitModifiers function| getBreadcrumbHeight function| getTabsHeight function| setSidebarTop function| calculateCartHeight function| openCart function| closeCart function| toggleCart function| setCookie function| getCookie function| selectCurrency function| updateCurrency function| pwprotect

6 Cookies

Domain/Path Name / Value
retreat.intelligentchange.com/ Name: country
Value: DE
.intelligentchange.com/ Name: currency_code
Value: EUR
retreat.intelligentchange.com/ Name: ahoy_visitor
Value: 58a0c85f-537b-4a50-94a5-a4e36b1dceb1
retreat.intelligentchange.com/ Name: ahoy_visit
Value: 9b7fdcb1-48d2-4be8-b0e0-f907d185c74e
.intelligentchange.com/ Name: _marketplace_session
Value: XMa9RrJK52QqZENFPTycx2qNhhEZaFfUxLj38gA3RYrvChJGhvcpQitF4TIYcPO7bu3kzHIm2jJbylxXQrp6ClPHMtLqBq%2BprXTCOwa0iYHWQ%2BV4zzBEzEtS%2BlYTX7%2FGznPydgak%2FQGqBw40HP739ZfobEGo1GmyXAxsFVxKOYE86FPDHcUgkjPrygJQ32e%2BY1dslQPjSlNobcmO3wv2cHK3VOU1wDVQw%2B%2FCBxL1geZKG11mYia4fpx6QK6RqNQOXQKqko%2FrBxO0BOql76xKFxrbaUW1qjWcQqEDgQ%3D%3D--2oUOZxogWy8Wqidp--VKLhyfRaKVb8HY5u0A4Pbw%3D%3D
retreat.intelligentchange.com/ Name: _dd_s
Value: logs=1&id=c07b6f23-d7ad-478d-bec3-a8a30b06918e&created=1718419286690&expire=1718420186690

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://retreat.intelligentchange.com/homepage/password
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0