www.villamandalaybali.com Open in urlscan Pro
13.231.80.41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://villamandalaybali.com/
Effective URL:
https://www.villamandalaybali.com/
Submission: On May 28 via api (May 28th 2024, 11:18:34 am UTC) from US — Scanned from GB

Summary HTTP 126 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 54 IPs in 11 countries across 41 domains to perform 126 HTTP transactions. The main IP is 13.231.80.41, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is www.villamandalaybali.com.
TLS certificate: Issued by R3 on April 28th 2024. Valid for: 3 months.

This is the only time www.villamandalaybali.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	31.22.4.80 31.22.4.80	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
36	13.231.80.41 13.231.80.41	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
1	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	178.237.33.51 178.237.33.51	8455 (ATOM86-AS...) (ATOM86-AS ATOM86)
7	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a01:111:202c... 2a01:111:202c::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	95.100.146.25 95.100.146.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
5	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	173.194.76.154 173.194.76.154	15169 (GOOGLE) (GOOGLE)
1 2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::19 2a02:2638:3::19	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
2 3	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	164.132.25.185 164.132.25.185	16276 (OVH) (OVH)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
2	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.74.194.229 54.74.194.229	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	54.229.87.16 54.229.87.16	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2.19.216.27 2.19.216.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.125.138.63 3.125.138.63	16509 (AMAZON-02) (AMAZON-02)
1	34.227.153.116 34.227.153.116	14618 (AMAZON-AES) (AMAZON-AES)
1	38.133.127.31 38.133.127.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.197.197.216 18.197.197.216	16509 (AMAZON-02) (AMAZON-02)
1	23.52.181.90 23.52.181.90	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4280:807b:3d3a:e60e:91a5	14618 (AMAZON-AES) (AMAZON-AES)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	23.35.237.75 23.35.237.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.19.175.6 52.19.175.6	16509 (AMAZON-02) (AMAZON-02)
1	18.156.206.235 18.156.206.235	16509 (AMAZON-02) (AMAZON-02)
126	54

1 31.22.4.80 (Leeds, United Kingdom) 1 redirects

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
PTR: sv46.byethost46.org

villamandalaybali.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 13.231.80.41 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com

www.villamandalaybali.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.237.33.51 (Netherlands)

ASN8455 (ATOM86-AS ATOM86, NL)

ssl.geoplugin.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:111:202c::237 (United Kingdom)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.100.146.25 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-25.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

elitehavens.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::19 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

measurement-api.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.52 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 164.132.25.185 (France)

ASN16276 (OVH, FR)
PTR: ip185.ip-164-132-25.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.74.194.229 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-194-229.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.87.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-87-16.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.216.27 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-216-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.138.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-138-63.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.227.153.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-153-116.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.133.127.31 (Sacramento, United States)

ASN22075 (AS-OUTBRAIN, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.197.216 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-197-216.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.181.90 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-181-90.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:807b:3d3a:e60e:91a5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.175.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-175-6.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.206.235 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-206-235.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	villamandalaybali.com 1 redirects villamandalaybali.com www.villamandalaybali.com	2 MB
10	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3095 maps.google.com — Cisco Umbrella Rank: 2257	226 KB
7	criteo.com 1 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3769 gum.criteo.com — Cisco Umbrella Rank: 444 sslwidget.criteo.com — Cisco Umbrella Rank: 2305 measurement-api.criteo.com — Cisco Umbrella Rank: 2708 dis.criteo.com — Cisco Umbrella Rank: 652	28 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2248 ekr.zdassets.com — Cisco Umbrella Rank: 2556	363 KB
6	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 89 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 272	4 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	586 KB
5	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3755	317 B
5	adform.net 1 redirects s2.adform.net — Cisco Umbrella Rank: 5217 a1.adform.net — Cisco Umbrella Rank: 11876 cm.adform.net — Cisco Umbrella Rank: 1150 c1.adform.net — Cisco Umbrella Rank: 591	33 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 712	143 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2533	21 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33 ajax.googleapis.com — Cisco Umbrella Rank: 380 maps.googleapis.com — Cisco Umbrella Rank: 361	10 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 345	14 KB
3	gstatic.com fonts.gstatic.com	78 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 243	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1887	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 539	721 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	86 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2285	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3118	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 5187	235 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 413	140 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2830	400 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2861	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 520	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 404	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 898	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 918	218 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1096	423 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1632	880 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 759	814 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 12170	274 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 716	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 509	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 757	342 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1260	378 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1806	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 698	163 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 368	235 B
1	zendesk.com elitehavens.zendesk.com	1 KB
1	geoplugin.net ssl.geoplugin.net — Cisco Umbrella Rank: 45746	2 KB
126	41

	Domain	Requested by
36	www.villamandalaybali.com	www.villamandalaybali.com analytics.tiktok.com
6	static.zdassets.com	www.googletagmanager.com static.zdassets.com www.villamandalaybali.com
6	www.googletagmanager.com	www.villamandalaybali.com www.google-analytics.com www.googletagmanager.com
5	maps.google.com	www.villamandalaybali.com maps.google.com
5	www.google.co.uk	www.villamandalaybali.com
5	analytics.tiktok.com	www.villamandalaybali.com analytics.tiktok.com
3	ib.adnxs.com	2 redirects
3	www.google.com	www.villamandalaybali.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.villamandalaybali.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.villamandalaybali.com www.google-analytics.com
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	sync.1rx.io	2 redirects
2	dis.criteo.com
2	a1.adform.net	1 redirects www.villamandalaybali.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	gum.criteo.com	1 redirects dynamic.criteo.com
2	cdnjs.cloudflare.com	www.villamandalaybali.com cdnjs.cloudflare.com
2	fonts.googleapis.com	www.villamandalaybali.com ajax.googleapis.com
1	c1.adform.net
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	eb2.3lift.com
1	criteo-partners.tremorhub.com
1	criteo-sync.teads.tv
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	contextual.media.net
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	sync.targeting.unrulymedia.com
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	x.bidswitch.net
1	cm.g.doubleclick.net	1 redirects
1	measurement-api.criteo.com	analytics.tiktok.com
1	sslwidget.criteo.com	dynamic.criteo.com
1	maps.googleapis.com	analytics.tiktok.com
1	elitehavens.zendesk.com	static.zdassets.com
1	ekr.zdassets.com	static.zdassets.com
1	region1.google-analytics.com	www.googletagmanager.com
1	s2.adform.net	www.villamandalaybali.com
1	dynamic.criteo.com	www.googletagmanager.com
1	ssl.geoplugin.net	www.googletagmanager.com
1	ajax.googleapis.com	www.villamandalaybali.com
1	villamandalaybali.com	1 redirects
126	57

This site contains links to these domains. Also see Links.

Domain
www.elitehavens.com
booking.privatehomesandvillas.com
www.facebook.com
www.pinterest.com
www.instagram.com
www.twitter.com
www.linkedin.com
www.youtube.com
www.tiktok.com

Subject Issuer	Validity	Valid
www.villamandalaybali.com R3	`2024-04-28` - `2024-07-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
ssl.geoplugin.net Sectigo RSA Domain Validation Secure Server CA	`2024-04-16` - `2025-04-21`	a year	crt.sh
zdassets.com E1	`2024-05-01` - `2024-07-30`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-15` - `2024-07-10`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.google.co.uk WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
elitehavens.zendesk.com E1	`2024-04-27` - `2024-07-26`	3 months	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-14` - `2024-06-06`	3 months	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2024-05-01` - `2024-07-30`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
itm.ivitrack.com R3	`2024-04-12` - `2024-07-11`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2024-05-06` - `2025-06-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-10-27` - `2024-11-23`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M03	`2024-05-14` - `2025-06-12`	a year	crt.sh
teads.tv R3	`2024-04-12` - `2024-07-11`	3 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M03	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M03	`2024-04-02` - `2025-05-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.villamandalaybali.com/
Frame ID: F802F161855936FCBED933DAF86D7F3F
Requests: 94 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.villamandalaybali.com&origin=onetag
Frame ID: 3351E0774512D2AF54CEF25F4D688189
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4a143a0.js
Frame ID: E325A1BE6F6311F91C85A6B550B65737
Requests: 6 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RAtJFzml35xLIT8kLSilyY2kHTAVcrEHlPxODg&google_gid=CAESEFBDQheqiWvNbOSdZFiq4FU&google_cver=1&google_ula=913071,0
Frame ID: 2BD6F2D8E7A91210BB1286A067E9C684
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mandalay Villas - Seseh Beach, Bali 7 and 4 bedroom villas

Page URL History Show full URLs

https://villamandalaybali.com/ HTTP 301
http://www.villamandalaybali.com/ HTTP 307
https://www.villamandalaybali.com/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

126
Requests

95 %
HTTPS

25 %
IPv6

41
Domains

57
Subdomains

54
IPs

11
Countries

3483 kB
Transfer

7499 kB
Size

51
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.elitehavens.com/aboutus.aspx
Title: About Elite Havens

Search URL Search Domain Scan URL

URL: https://booking.privatehomesandvillas.com/availvillas.html?villaid=MandalayVillas
Title: Enquire

Search URL Search Domain Scan URL

URL: https://www.facebook.com/elitehavens?ref_type=bookmark

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/elitehavensall/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/elitehavens

Search URL Search Domain Scan URL

URL: https://www.twitter.com/elitehavens

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/elite-havens

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC2fLFvrddDBUVvjhrRUrEUg

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@elitehavens

Search URL Search Domain Scan URL

URL: https://www.elitehavens.com/
Title: the Elite Havens Group

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://villamandalaybali.com/ HTTP 301
http://www.villamandalaybali.com/ HTTP 307
https://www.villamandalaybali.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://a1.adform.net/Serving/TrackPoint/?pm=3145648&ADFPageName=Elite%20Havens%20-%20Home%20Page&ADFdivider=%7C&ord=542580721832&ADFtpmode=2&loc=https%3A%2F%2Fwww.villamandalaybali.com%2F&Set1=en-GB%7Cen-GB%7C1600x1200%7C24 HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3145648&ADFPageName=Elite%20Havens%20-%20Home%20Page&ADFdivider=%7C&ord=542580721832&ADFtpmode=2&loc=https%3A%2F%2Fwww.villamandalaybali.com%2F&Set1=en-GB%7Cen-GB%7C1600x1200%7C24

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-RAtJFzml35xLIT8kLSilyY2kHTAVcrEHlPxODg&google_cm&google_hm=ay1SQXRKRnptbDM1eExJVDhrTFNpbHlZMmtIVEFWY3JFSGxQeE9EZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RAtJFzml35xLIT8kLSilyY2kHTAVcrEHlPxODg&google_gid=CAESEFBDQheqiWvNbOSdZFiq4FU&google_cver=1&google_ula=913071,0

Request Chain 101

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2677242898621103773

Request Chain 104

https://sync.1rx.io/usersync/criteodsp/k-vf5iUjml35xLIT8kLSilyY2kHTC-WJrgnkNXfg HTTP 302
https://sync.1rx.io/usersync/criteodsp/k-vf5iUjml35xLIT8kLSilyY2kHTC-WJrgnkNXfg?zcc=1&cb=1716895108442 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-806edd2e-6c68-46cf-90e9-fefdbcefe55b-003

Request Chain 107

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-bUUqhjml35xLIT8kLSilyY2kHTC7_98sKZHfKg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-bUUqhjml35xLIT8kLSilyY2kHTC7_98sKZHfKg&C=1

Request Chain 108

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=1b-iXtxab_3Umcp6s1-KhJksCCagvbgo HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=1b-iXtxab_3Umcp6s1-KhJksCCagvbgo

126 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.villamandalaybali.com/
Redirect Chain

https://villamandalaybali.com/
http://www.villamandalaybali.com/
https://www.villamandalaybali.com/

63 KB
13 KB

2210ms
1528ms

Document
text/html

13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: fee2cba0d251a35630458cecb036d8be700701a8fe7217ec0116c96f551cddfa

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 13073
Content-Type: text/html; charset=UTF-8
Date: Tue, 28 May 2024 11:18:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.52 (Ubuntu)
Vary: Accept-Encoding,User-Agent
X-Mod-Pagespeed: 1.12.34.2-0

Redirect headers

Location: https://www.villamandalaybali.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK fontawesome,_css,_font-awesome.min.css+css,_jquery-ui.min.css+css,_animate.css+owlcarousel,_owl.carousel.min.css.pagespeed.cc.C8Uo2D18SR.css
www.villamandalaybali.com/resources/mandalay/ 75 KB
14 KB 309ms
302ms Stylesheet
text/css 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/resources/mandalay/fontawesome,_css,_font-awesome.min.css+css,_jquery-ui.min.css+css,_animate.css+owlcarousel,_owl.carousel.min.css.pagespeed.cc.C8Uo2D18SR.css
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 8be9f1d3f38e64b49a0f30737268bcb4f1e07c77f5930b49796fff67a00de797

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 May 2024 11:13:36 GMT
Server: Apache/2.4.52 (Ubuntu)
X-Original-Content-Length: 76848
Etag: W/"0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 14099
Expires: Wed, 28 May 2025 11:13:36 GMT

GET
H/1.1 200
OK bookingbar.css
www.villamandalaybali.com/resources/common/bookingbar/css/ 11 KB
3 KB 585ms
305ms Stylesheet
text/css 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/resources/common/bookingbar/css/bookingbar.css
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: c2fad45238dc29bef69a6bdfb7bc1ade77ced2d152870e4855522db1bb08217d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 May 2018 01:13:23 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "2b9f-56bcfb9d96a38-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2155

GET
H/1.1 200
OK common,_global,_css,_default.css+mandalay,_style.css,qver==1.1+common,_global,_css,_default-responsive.css.pagespeed.cc.TviKqhVs_j.css
www.villamandalaybali.com/resources/ 231 KB
26 KB 892ms
305ms Stylesheet
text/css 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/resources/common,_global,_css,_default.css+mandalay,_style.css,qver==1.1+common,_global,_css,_default-responsive.css.pagespeed.cc.TviKqhVs_j.css
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: cd8c51b736a0e2f8582957b9c072ba902aefaddff6f5782dca78ba2fba448da5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 May 2024 11:13:36 GMT
Server: Apache/2.4.52 (Ubuntu)
X-Original-Content-Length: 236156
Etag: W/"0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 26536
Expires: Wed, 28 May 2025 11:13:36 GMT

GET
H/1.1 200
OK modernizr.3-5-0.min.js Show response
www.villamandalaybali.com/resources/mandalay/js/ 4 KB
2 KB 331ms
317ms Script
text/javascript 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/resources/mandalay/js/modernizr.3-5-0.min.js
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: c407d2d7a6f60c74cdd59c2341f3246a3dbe5187a256c61d1818c1dc33014a61

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 01:51:24 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "110e-5bac968493b89-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1819

GET
H/1.1 200
OK Villa%20Mandalay%20-%20Refreshing%20coconut%20with%20a%20view.jpg
www.villamandalaybali.com/resources/mandalay/content/home/thumb/ 3 KB
4 KB 892ms
300ms Image
image/jpeg 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.villamandalaybali.com/resources/mandalay/content/home/thumb/Villa%20Mandalay%20-%20Refreshing%20coconut%20with%20a%20view.jpg

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

9a7578e4ce36a5e0d42e276d49ddd778708dc5322cbb0d3e519be9a0a9c23259

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Feb 2021 01:51:56 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "d3f-5bac96a30e0ec"
Vary: User-Agent
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3391
Expires: Tue, 28 May 2024 11:23:22 GMT

GET
H/1.1 200
OK Villa%20Mandalay%20Dua%20-%20Blissful%20poolside.jpg
www.villamandalaybali.com/resources/mandalay/content/home/thumb/ 3 KB
4 KB 892ms
300ms Image
image/jpeg 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.villamandalaybali.com/resources/mandalay/content/home/thumb/Villa%20Mandalay%20Dua%20-%20Blissful%20poolside.jpg

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

42744f14646193d9d1b955f114f1d54b95a58afb2ec9d7869c5a168f488cacfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Feb 2021 01:51:56 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "d64-5bac96a39ba6e"
Vary: User-Agent
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3428
Expires: Tue, 28 May 2024 11:23:22 GMT

GET
H/1.1 200
OK Villa%20Mandalay%20-%20Pool%20bale%20with%20paddyfield%20views.jpg
www.villamandalaybali.com/resources/mandalay/content/home/thumb/ 7 KB
7 KB 299ms
299ms Image
image/jpeg 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.villamandalaybali.com/resources/mandalay/content/home/thumb/Villa%20Mandalay%20-%20Pool%20bale%20with%20paddyfield%20views.jpg

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

f42da7e9475773d81a16a74a6278ccdcb1731876ec9516312d80faf7b5de7fe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Feb 2021 01:51:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "1ac5-5bac96a2b81fe"
Vary: User-Agent
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6853
Expires: Tue, 28 May 2024 11:23:22 GMT

GET
H/1.1 200
OK Villa%20Mandalay%20-%20NVKR-6774.jpg
www.villamandalaybali.com/resources/mandalay/content/home/thumb/ 8 KB
8 KB 328ms
316ms Image
image/jpeg 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.villamandalaybali.com/resources/mandalay/content/home/thumb/Villa%20Mandalay%20-%20NVKR-6774.jpg

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

59dafb1640662acb69446a1bc159ea9dce9bccf5f38899d29f229d76c40e8095

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Feb 2021 01:51:55 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "1ffe-5bac96a2a2a42"
Vary: User-Agent
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8190
Expires: Tue, 28 May 2024 11:23:22 GMT

GET
H/1.1 200
OK xchse-badge.png.pagespeed.ic.DaZ8FNldhs.webp
www.villamandalaybali.com/resources/common/images/ 12 KB
12 KB 326ms
324ms Image
image/png 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.villamandalaybali.com/resources/common/images/xchse-badge.png.pagespeed.ic.DaZ8FNldhs.webp

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

5b9fe2ef704694cd8a041fcba10c358a362574647ab841c62363739b4f7fa9a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Nov 2021 01:36:22 GMT
Server: Apache/2.4.52 (Ubuntu)
Vary: User-Agent
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=300,private
Connection: Keep-Alive
Accept-Ranges: bytes
Link: <https://www.villamandalaybali.com/resources/common/images/chse-badge.png>; rel="canonical"
Content-Length: 11874
Keep-Alive: timeout=5, max=97
Expires: Tue, 28 May 2024 11:23:22 GMT

GET
H/1.1 200
OK jquery-1.12.4.min.js Show response
www.villamandalaybali.com/resources/mandalay/js/ 95 KB
33 KB 307ms
307ms Script
text/javascript 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/resources/mandalay/js/jquery-1.12.4.min.js
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 01:51:23 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "17b8e-5bac9683f19eb-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 33766

GET
H/1.1 200
OK jquery-ui.min.js Show response
www.villamandalaybali.com/resources/mandalay/js/ 36 KB
11 KB 298ms
296ms Script
text/javascript 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/resources/mandalay/js/jquery-ui.min.js
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 2063402bc7a9dbcfe5690a2ef017bc2ce43667f92c941a44fa5a9269c1025638

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 01:51:23 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "8f43-5bac9683eac8c-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 11104

GET
H/1.1 200
OK ls.unveilhooks.min.js Show response
www.villamandalaybali.com/resources/mandalay/lazysizes/ 1 KB
1003 B 362ms
361ms Script
text/javascript 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/resources/mandalay/lazysizes/ls.unveilhooks.min.js
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: b85b268c69791fb4cf9def3d1209b060f93d9997031689788dfefc6467ff3cf7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 01:51:24 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "4d5-5bac9684aa2e4-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 594

GET
H/1.1 200
OK ls.bgset.min.js Show response
www.villamandalaybali.com/resources/mandalay/lazysizes/ 3 KB
1 KB 364ms
356ms Script
text/javascript 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/resources/mandalay/lazysizes/ls.bgset.min.js
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: f9b78c62a4d69eae70cc45172928b942e8aba33e8217684c39a14b585b8776a9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 01:51:23 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "a3c-5bac96842e29e-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1061

GET
H/1.1 200
OK lazysizes.min.js Show response
www.villamandalaybali.com/resources/mandalay/lazysizes/ 6 KB
3 KB 365ms
358ms Script
text/javascript 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/resources/mandalay/lazysizes/lazysizes.min.js
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 92614d9570c0a2e3c2f34bda86556f1ba6638235599f157373468f3944736afc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 01:51:23 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "1966-5bac96842a41f-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3102

GET
H/1.1 200
OK owl.carousel.min.js Show response
www.villamandalaybali.com/resources/mandalay/owlcarousel/ 42 KB
11 KB 369ms
361ms Script
text/javascript 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/resources/mandalay/owlcarousel/owl.carousel.min.js
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 01:51:25 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "a70e-5bac968532e47-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10926

GET
H/1.1 200
OK bookingbar.js Show response
www.villamandalaybali.com/resources/common/bookingbar/js/ 9 KB
3 KB 297ms
296ms Script
text/javascript 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/resources/common/bookingbar/js/bookingbar.js
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 207d4cf003ba825d7764da86de819b0607850a174b944cc57c6cfd17ccb13e33

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Jan 2019 03:58:51 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "248a-5802c3a727923-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2420

GET
H/1.1 200
OK masonry.pkgd.min.js Show response
www.villamandalaybali.com/resources/mandalay/js/ 24 KB
8 KB 307ms
307ms Script
text/javascript 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/resources/mandalay/js/masonry.pkgd.min.js
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 0894cc62f8e406d115cc4f9491e8bc51b70c6c49005401ff7e9e7db625bdb9fb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 01:51:23 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "5e1a-5bac9684013e7-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7363

GET
H/1.1 200
OK site.js Show response
www.villamandalaybali.com/resources/mandalay/js/ 1 KB
809 B 304ms
303ms Script
text/javascript 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/resources/mandalay/js/site.js
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: b9f3096433d70499dd423a9cd154ac0cc8b33b830f52f389d24c9148549da10d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 01:51:24 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "408-5bac9684e2d18-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 400

GET
H/1.1 200
OK default.js Show response
www.villamandalaybali.com/resources/common/global/js/ 109 KB
20 KB 309ms
308ms Script
text/javascript 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/resources/common/global/js/default.js
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 5277233b3215d49a4c7bb002f9ca1559c96a5a3980143461195789c9f6f4011c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Nov 2023 06:20:49 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "1b45b-60a53232e98d0-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 20428

GET
H/1.1 200
OK villa_new.js Show response
www.villamandalaybali.com/resources/common/js/ 11 KB
3 KB 309ms
309ms Script
text/javascript 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/resources/common/js/villa_new.js
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 3f9e9c8d8f122103646c7397d0237ff658f90a3631ee7aecd130f4300cbda544

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Nov 2023 03:09:14 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "2b04-60ab50b414bb5-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2287

GET
H2 200 css
fonts.googleapis.com/ 2 KB
837 B 145ms
53ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/resources/common/bookingbar/css/bookingbar.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a62b46c69982f34433d223167ff4838dede363d9f8a1d22e07a8d203a347e941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 May 2024 11:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 May 2024 11:07:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 May 2024 11:18:23 GMT

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 58 KB
11 KB 84ms
38ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/resources/common,_global,_css,_default.css+mandalay,_style.css,qver==1.1+common,_global,_css,_default-responsive.css.pagespeed.cc.TviKqhVs_j.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1682177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10482
last-modified: Sat, 06 Jan 2024 21:52:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6599bda5-28f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i9zWsdCQe5tGrFR30lCp4K8uA79L9fW%2B1bCZ7R%2FnOm1StNUVUAGcYuSDHgQz8%2B0QsY5EwGGqvB7LTgbb57CtBiGhZq3a9zBSVLVLPlgSZ60KsvPJsfz%2FJxTupI064db5fCmrWcXk"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88add7ffacca650f-LHR
expires: Sun, 18 May 2025 11:18:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 191ms
41ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 May 2024 09:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5841
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 28 May 2024 11:41:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 504 KB
127 KB 246ms
92ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MMM2GJ

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

beac7f0f107a1052e51b6b06b3b1b14a7dde2d8b5a6b305b71517cfe24680fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129797
x-xss-protection: 0
last-modified: Tue, 28 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 May 2024 11:18:24 GMT

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a08e670354bb03faa3253cd47b6decb3137044852c5ae9c58ea44e57ec20886

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.5.18/ 16 KB
7 KB 192ms
43ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6490
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:45:04 GMT

GET
H/1.1 200
OK highlight_promo.css
www.villamandalaybali.com/resources/common/addons/highlight_promo/ 3 KB
1 KB 507ms
298ms Stylesheet
text/css 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/resources/common/addons/highlight_promo/highlight_promo.css
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 949d8a4a6d7b1109b1b1f6aa1b624f3273a8eb034c2d8359e1c047e21e30b4b7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Mar 2022 09:20:29 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "c1c-5d9d9b9add5e7-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 842

GET
H/1.1 200
OK icon-sprite.png
www.villamandalaybali.com/resources/mandalay/images/ 14 KB
15 KB 317ms
317ms Image
image/png 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.villamandalaybali.com/resources/mandalay/images/icon-sprite.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

76da2a8f40859a029bf3826980af8d415a5d2e962a369da3862fbb618614371f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/resources/common,_global,_css,_default.css+mandalay,_style.css,qver==1.1+common,_global,_css,_default-responsive.css.pagespeed.cc.TviKqhVs_j.css
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Feb 2021 01:51:22 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "3877-5bac96829cd12"
Vary: User-Agent
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 14455
Expires: Tue, 28 May 2024 11:21:17 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 75 KB
76 KB 85ms
42ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin: https://www.villamandalaybali.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:24 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453832
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 76764
last-modified: Sat, 06 Jan 2024 21:53:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6599bdbd-12bdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d9mFt4yA6zAEve4PyT1RJR2HsySY%2BmQej5KK2e2M%2B7KJ2YvCowvytOrGLt4tfEeGZBTh6ApYswOKQQkQCr08EWgXAd8iqdbk%2Bg0KqFeEdSON8SB3TJaU0dX9ZJlPymNyU8mpFW4V"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88add800cc6863d2-LHR
expires: Sun, 18 May 2025 11:18:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
2 KB 66ms
66ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%7CRoboto:300,400%7CFrank+Ruhl+Libre:300,400

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e4f0aafaa5f95b68ccc12fd7e4f61ee9fbbde279d3c791f89ce78765c936079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 May 2024 11:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 May 2024 11:18:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 May 2024 11:18:24 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
228 B 59ms
58ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1716976095&t=pageview&_s=1&dl=https%3A%2F%2Fwww.villamandalaybali.com%2F&ul=en-gb&de=UTF-8&dt=Mandalay%20Villas%20-%20Seseh%20Beach%2C%20Bali%207%20and%204%20bedroom%20villas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1278103296&gjid=892880958&cid=1016131297.1716895104&tid=UA-48763027-1&_gid=719772038.1716895104&_r=1&_slc=1&z=1030886718

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

97297d8ceeb1efea58e9deeb5071110e185c3bbec19992e5991eb89e24218577

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.villamandalaybali.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
fonts.gstatic.com/s/frankruhllibre/v21/ 43 KB
43 KB 209ms
104ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v21/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%7CRoboto:300,400%7CFrank+Ruhl+Libre:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

523e12ec4882988ae8c43f71e35ea24fccd8560997c349a0a24c27c6682573fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.villamandalaybali.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:40:20 GMT
x-content-type-options: nosniff
age: 463084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44372
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 18:31:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:40:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 158ms
54ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%7CRoboto:300,400%7CFrank+Ruhl+Libre:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.villamandalaybali.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:43:48 GMT
x-content-type-options: nosniff
age: 462876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:43:48 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 160ms
57ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%7CRoboto:300,400%7CFrank+Ruhl+Libre:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.villamandalaybali.com
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 25 May 2024 12:31:52 GMT
x-content-type-options: nosniff
age: 254792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 May 2025 12:31:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
96 KB 85ms
84ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BT430HBZG5&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6e230d2686fcc50bafc87e7a38f35347cd274db23ea399aa768a8f8ed325ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97773
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 May 2024 11:18:24 GMT

GET
H/1.1 200
OK xlogo.png.pagespeed.ic.nJz0FtTIlC.webp
www.villamandalaybali.com/resources/mandalay/images/ 2 KB
2 KB 439ms
297ms Image
image/webp 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.villamandalaybali.com/resources/mandalay/images/xlogo.png.pagespeed.ic.nJz0FtTIlC.webp
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 90b51997831e24b22ae17f451a33c9f5eff96965ba04213fef6c4ca54a904fbf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:24 GMT
Last-Modified: Tue, 28 May 2024 11:16:33 GMT
Server: Apache/2.4.52 (Ubuntu)
X-Original-Content-Length: 2271
Etag: W/"0"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Link: <https://www.villamandalaybali.com/resources/mandalay/images/logo.png>; rel="canonical"
Content-Length: 1996
Keep-Alive: timeout=5, max=97
Expires: Wed, 28 May 2025 11:16:33 GMT

GET
H/1.1 200
OK Villa%20Mandalay%20Dua%20-%20Poolside%20paradise.jpg
www.villamandalaybali.com/resources/mandalay/headers/ 338 KB
338 KB 400ms
297ms Image
image/jpeg 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.villamandalaybali.com/resources/mandalay/headers/Villa%20Mandalay%20Dua%20-%20Poolside%20paradise.jpg

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

22fb86790ad05abddf5807e765cd6e34072f8bc885ae4460238fff46239a6fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Feb 2021 01:51:22 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "54703-5bac968258760"
Vary: User-Agent
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 345859
Expires: Tue, 28 May 2024 11:23:22 GMT

GET
H/1.1 200
OK Villa%20Mandalay%20-%20Pool.jpg
www.villamandalaybali.com/resources/mandalay/headers/ 498 KB
499 KB 550ms
301ms Image
image/jpeg 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.villamandalaybali.com/resources/mandalay/headers/Villa%20Mandalay%20-%20Pool.jpg

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

0c36b328e1e3a36fd5cf51756d63e923c67de95b2a09e4eb1483dad9a990083f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Feb 2021 01:51:20 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "7c8f3-5bac96813e3fb"
Vary: User-Agent
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 510195
Expires: Tue, 28 May 2024 11:23:22 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 311 KB
103 KB 97ms
96ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HWNLEB27ZM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MMM2GJ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

306710f65a687ccf80a1735fc8f5fa42e5243a4651515ef4bc67604df1e2d834

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105346
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 May 2024 11:18:24 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
91 KB 84ms
84ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WMHR2TK1FK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MMM2GJ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3a734f9ea10a57ba90797942b66a94d63add3e5fa773e3ad234676ee941505c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93455
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 May 2024 11:18:24 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 78ms
78ms XHR
text/plain 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1716976095&t=pageview&cu=USD&_s=1&dl=https%3A%2F%2Fwww.villamandalaybali.com%2F&ul=en-gb&de=UTF-8&dt=Mandalay%20Villas%20-%20Seseh%20Beach%2C%20Bali%207%20and%204%20bedroom%20villas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEABBAAAACAEK~&jid=1236042778&gjid=1212828338&cid=1016131297.1716895104&tid=UA-59678517-1&_gid=719772038.1716895104&_slc=1&gtm=45He45m0n71MMM2GJv71030579za200&cg1=estate&cg2=bali&cg3=99&cg4=Villa%20Website%20(Direct)&cg5=villamandalaybali.com&gcd=13l3l3l3l1&dma=0&z=1468687570

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.villamandalaybali.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
359 B 141ms
37ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-59678517-1&cid=1016131297.1716895104&jid=1236042778&gjid=1212828338&_gid=719772038.1716895104&_u=aGDAiEABBAAAAGAEK~&z=120961806

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 28 May 2024 11:18:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.villamandalaybali.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK javascript.gp Show response
ssl.geoplugin.net/ 2 KB
2 KB 243ms
41ms Script
application/javascript 178.237.33.51
ATOM86-AS ATOM86

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.geoplugin.net/javascript.gp?k=b153f4b09f996ac5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MMM2GJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.237.33.51 , Netherlands, ASN8455 (ATOM86-AS ATOM86, NL),
Reverse DNS
Software: Apache /
Resource Hash: 203009feed7755950a0c9079489b745311e407dbddf7314543bb6af1d1fe214f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 28 May 2024 11:18:24 GMT
cache-control: public, max-age=300
server: Apache
content-length: 1578
content-type: application/javascript; charset=utf-8

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 221 KB
80 KB 137ms
137ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-994443093&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MMM2GJ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e4a3d5b50f60970da55348b19ad6c764d71a7960c6d55725d637f8512662b85c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81966
x-xss-protection: 0
last-modified: Tue, 28 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 May 2024 11:18:24 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 258 KB
89 KB 169ms
169ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-971510718&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MMM2GJ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b5ba41b38d77bbb6ad0f615045f80a56c850dfbcb76f4eeb019e565a1d7c8199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91366
x-xss-protection: 0
last-modified: Tue, 28 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 May 2024 11:18:24 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 161ms
63ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=0ebdd80a-f7d5-48ff-bfb4-c3613bdd7660

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MMM2GJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:24 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: NKRVV37QNNPZ4RT2
age: 9
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ur8skn2Su0xLCryq584/6GyhhmBWQeOSzYN4kJpyePT0qju79IFETGIqAPS8bO/VWhcWOZYAPQk=
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MD6HYkHtbCr0gQUPXlgWN09WR%2FbGddOvWsEq%2BMLjKVvY6E9EkV0Gx07xTEuxeAvlkgvgwE8ckFfgZtWzqfFjiH8FcvqYHIknOZSXv%2FmM3fOfllmTDggbhQtITDxLiHrPuMvBTmc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 88add80378f40686-LHR
access-control-allow-headers: *

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 155ms
59ms Script
application/javascript 2a01:111:202c::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MMM2GJ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 28 May 2024 11:18:24 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3CCED348380C447494F02153E16C273C Ref B: LON212050705053 Ref C: 2024-05-28T11:18:24Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 47 KB
20 KB 172ms
82ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=%5B102084%2C104820%2C104822%2C104819%2C104818%2C104821%5D

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MMM2GJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b38154f4f3a9205864b732dec3a9f15a39b853ec55261d621adcb168fdef1fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 7 KB
3 KB 445ms
194ms Script
application/javascript 95.100.146.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKADI7JC77UE2IQFBPSG&lib=ttq
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.25 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 38573ef676956b4e8ccb224163fc54ec887cadc13ad94d865db78c747e0e5494

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 1cac4682.87592307
date: Tue, 28 May 2024 11:18:24 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2405281118243546DA19FAA0C188A28B-4EA85343BA1E1437-00
x-cache: TCP_MISS from a95-100-146-21.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time: 127,95.100.146.21
server-timing: cdn-cache; desc=MISS, edge; dur=108, origin; dur=20, inner; dur=3
content-length: 2235
pragma: no-cache
server: nginx
x-tt-logid: 202405281118243546DA19FAA0C188A28B
x-cache-remote: TCP_MISS from a23-220-105-69.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.220.105.69
x-tt-trace-host: 0133c5af4d845857f7156a8e4b29b3df89067c60ff6f64e41b65adec01dd6cef77292253797ff903ef8a8a50e1295225b65137ea6427cfd9e9b78d1f635738bf9a4fdeb321e6b3b2670ac42a3035718db8a3440bb83b0b428d4cabee62ec9134ae2516e8a393f88c9d0e08f33e0ad0d8c2
expires: Tue, 28 May 2024 11:18:24 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 80 KB
31 KB 306ms
60ms Script
application/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:24 GMT
content-encoding: gzip
last-modified: Fri, 08 Mar 2024 07:02:31 GMT
server: nginx
x-amz-request-id: tx00000165e1a4f1eaa606d-0065ead358-3296b091-default
etag: W/"1c188eabf1f0749a0cffb2c108473370"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

POST
H2 204 collect
region1.google-analytics.com/g/ 0
261 B 196ms
39ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BT430HBZG5&gtm=45je45m0v9133677413za200&_p=1716895103986&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-gb&sr=1600x1200&cid=1016131297.1716895104&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.villamandalaybali.com%2F&dt=Mandalay%20Villas%20-%20Seseh%20Beach%2C%20Bali%207%20and%204%20bedroom%20villas&sid=1716895104&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4258
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BT430HBZG5&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.villamandalaybali.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK promo-badge.png
www.villamandalaybali.com/resources/common/addons/highlight_promo/images/ 7 KB
7 KB 305ms
305ms Image
image/png 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.villamandalaybali.com/resources/common/addons/highlight_promo/images/promo-badge.png

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

334fbdd08cd11b02160e925ad9931898512ccbd29896652e9e3fd97fcdbbb1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 14 Nov 2019 03:53:08 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "1c26-597466b583100"
Vary: User-Agent
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 7206
Expires: Tue, 28 May 2024 11:21:19 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 180ms
68ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-59678517-1&cid=1016131297.1716895104&jid=1236042778&_u=aGDAiEABBAAAAGAEK~&z=532375201

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 140ms
75ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-59678517-1&cid=1016131297.1716895104&jid=1236042778&_u=aGDAiEABBAAAAGAEK~&z=532375201

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 137002079.js Show response
bat.bing.com/p/action/ 0
118 B 88ms
32ms Script
text/plain 2a01:111:202c::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137002079.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 28 May 2024 11:18:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 168A296ABD58453A8E1D4F63BED71262 Ref B: LON212050705053 Ref C: 2024-05-28T11:18:24Z
x-cache: CONFIG_NOCACHE

GET
H2 200 0ebdd80a-f7d5-48ff-bfb4-c3613bdd7660 Show response
ekr.zdassets.com/compose/ 938 B
1 KB 299ms
216ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/0ebdd80a-f7d5-48ff-bfb4-c3613bdd7660

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=0ebdd80a-f7d5-48ff-bfb4-c3613bdd7660

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1bddc8c88a4f57870cd134e3b51978b98e18f546205173d07d06aba1a33d603

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:24 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 88ad4dabeb4e951b-SEA, 88ad4dabeb4e951b-SEA
x-runtime: 0.003815
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a1bddc8c88a4f57870cd134e3b51978b"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n9MdDh2WdBVUsXCjHdxeSQLDSfgIdrRRFGGetqyEmBKwYuEg0lkdo1v%2B176F3585i0CS3V8mYYcfXbOWfTl93l135cosAgKYihojovkVX442BcPKL%2BakXlPjlMRquB5n7Ck%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 88add8050883953e-LHR

GET
H2 200 syncframe
gum.criteo.com/ Frame 3351 0
0 134ms
39ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.villamandalaybali.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=%5B102084%2C104820%2C104822%2C104819%2C104818%2C104821%5D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.villamandalaybali.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 May 2024 11:18:24 GMT
server: Kestrel
server-processing-duration-in-ticks: 377629
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H/1.1 200
OK promo_exclusion.txt Show response
www.villamandalaybali.com/resources/common/promo/ 0
359 B 396ms
300ms XHR
text/plain 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/resources/common/promo/promo_exclusion.txt
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/resources/mandalay/js/jquery-1.12.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: text/plain, */*; q=0.01
Referer: https://www.villamandalaybali.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:24 GMT
Last-Modified: Mon, 14 Jan 2019 07:27:32 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "0-57f65fa5c04d4"
Vary: User-Agent
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 0

GET
DATA 200
OK truncated
/ 434 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca3ba3a2e9195da8a89e95776754574c2f8c9501a1ee534141572001f9f9381b

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 419 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d87ae58ae88b6c0399c92b8eb7a96c57055772d95a2fdac8859627a3aafbfb40

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 57ms
51ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WMHR2TK1FK&_ng=1&gtm=45je45m0v9136244574z871030579za200zb71030579&_p=1716895103986&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1016131297.1716895104&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716895104&sct=1&seg=0&dl=https%3A%2F%2Fwww.villamandalaybali.com%2F&dt=Mandalay%20Villas%20-%20Seseh%20Beach%2C%20Bali%207%20and%204%20bedroom%20villas&en=page_view&_fv=1&_ss=1&tfd=4670
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WMHR2TK1FK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.villamandalaybali.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 55ms
55ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-WMHR2TK1FK&cid=1016131297.1716895104&gtm=45je45m0v9136244574z871030579za200zb71030579&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WMHR2TK1FK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.villamandalaybali.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 89ms
88ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-WMHR2TK1FK&cid=1016131297.1716895104&gtm=45je45m0v9136244574z871030579za200zb71030579&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1623020730

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
286 B 48ms
48ms Image
text/plain 2a01:111:202c::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137002079&tm=gtm002&Ver=2&mid=53d315b1-ff43-47a5-8c35-fc240c40836c&sid=00022b601ce411efab957b9fdf1ef1c7&vid=0005f0f01ce411ef9ba4afda863a99fc&vids=1&msclkid=N&pi=918639831&lg=en-GB&sw=1600&sh=1200&sc=24&tl=Mandalay%20Villas%20-%20Seseh%20Beach,%20Bali%207%20and%204%20bedroom%20villas&p=https%3A%2F%2Fwww.villamandalaybali.com%2F&r=&lt=4540&evt=pageLoad&sv=1&rn=183036

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 May 2024 11:18:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 76317B7DE922467AA6FE9F27A56B8B83 Ref B: LON212050705053 Ref C: 2024-05-28T11:18:25Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/994443093/ 4 KB
2 KB 142ms
57ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994443093/?random=1716895105151&cv=11&fst=1716895105151&bg=ffffff&guid=ON&async=1&gtm=45be45m0z871030579za201zb71030579&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.villamandalaybali.com%2F&hn=www.googleadservices.com&frm=0&tiba=Mandalay%20Villas%20-%20Seseh%20Beach%2C%20Bali%207%20and%204%20bedroom%20villas&npa=0&pscdl=noapi&auid=956450501.1716895104&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=travel_destid%3DBali%5C%2C%20Seseh-Tanah%20Lot%3Bhrental_pagetype%3Dhome%3Btravel_pagetype%3Dhome%3Bhrental_startdate%3D--%3Btravel_startdate%3D--%3Bhrental_enddate%3D--%3Btravel_enddate%3D--%3Bhrental_id%3DP00431&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-994443093&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

95f8e3753d7a538e10ef85e437dc88d74a49f136dac5e34955b690743c4c1aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1535
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/971510718/ 4 KB
2 KB 121ms
55ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/971510718/?random=1716895105169&cv=11&fst=1716895105169&bg=ffffff&guid=ON&async=1&gtm=45be45m0v897556359z871030579za201zb71030579&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.villamandalaybali.com%2F&hn=www.googleadservices.com&frm=0&tiba=Mandalay%20Villas%20-%20Seseh%20Beach%2C%20Bali%207%20and%204%20bedroom%20villas&npa=0&pscdl=noapi&auid=956450501.1716895104&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=rmBedrooms%3D99%3BrmLocation%3DBali%5C%2C%20Seseh-Tanah%20Lot%3Bhrental_id%3DP00431&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-971510718&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

c88f002216195e12bc2943162f8a53aafb00a20b63b9d50dc444ac735e4a9220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1516
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 56ms
55ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-HWNLEB27ZM&gtm=45je45m0v9103454578z871030579za200zb71030579&_p=1716895103986&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1016131297.1716895104&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716895105&sct=1&seg=0&dl=https%3A%2F%2Fwww.villamandalaybali.com%2F&dt=Mandalay%20Villas%20-%20Seseh%20Beach%2C%20Bali%207%20and%204%20bedroom%20villas&en=page_view&_fv=1&_ss=1&tfd=4914
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HWNLEB27ZM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.villamandalaybali.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 55ms
55ms Ping
text/plain 173.194.76.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HWNLEB27ZM&cid=1016131297.1716895104&gtm=45je45m0v9103454578z871030579za200zb71030579&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HWNLEB27ZM&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.194.76.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.villamandalaybali.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 72ms
71ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HWNLEB27ZM&cid=1016131297.1716895104&gtm=45je45m0v9103454578z871030579za200zb71030579&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1029367795

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=3145648&ADFPageName=Elite%20Havens%20-%20Home%20Page&ADFdivider=%7C&ord=542580721832&ADFtpmode=2&loc=https%3A%2F%2Fwww.villamandalaybali.com%2F&Set1=en-...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3145648&ADFPageName=Elite%20Havens%20-%20Home%20Page&ADFdivider=%7C&ord=542580721832&ADFtpmode=2&loc=https%3A%2F%2Fwww.villamandalaybali.com%2F&Set...

125 B
726 B

64ms
63ms

Script
text/javascript

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3145648&ADFPageName=Elite%20Havens%20-%20Home%20Page&ADFdivider=%7C&ord=542580721832&ADFtpmode=2&loc=https%3A%2F%2Fwww.villamandalaybali.com%2F&Set1=en-GB%7Cen-GB%7C1600x1200%7C24

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e1e51f87f075abf4275929bf2dd6b96d9044babb894eec0631f39fe1a91941a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://www.villamandalaybali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 197
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=3145648&ADFPageName=Elite%20Havens%20-%20Home%20Page&ADFdivider=%7C&ord=542580721832&ADFtpmode=2&loc=https%3A%2F%2Fwww.villamandalaybali.com%2F&Set1=en-GB%7Cen-GB%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 main.MWYzNGIxOWM4MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 339 KB
99 KB 75ms
75ms Script
application/javascript 95.100.146.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYzNGIxOWM4MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKADI7JC77UE2IQFBPSG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.25 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ce3a5fc52c3c9a83936b6ba3c6a3d0cb4ffcd847a998abf0d5806243de7e2d5a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 87592b21
date: Tue, 28 May 2024 11:18:25 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240523141221E289CA50EFDF9238CC99
x-tt-trace-id: 00-240523141221E289CA50EFDF9238CC99-5FCAA6CF446E41DF-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a95-100-146-21.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01ab595c4689c90405f785ec31477b6a3651a79188cdc6aff8731661b004ed4c6dc51e8d92a7db2eb39ebf8f714b407cc172bb03aba64b18bc2f85c12ae84eb92f5cc436a812b5ea3d9b3e64c4a121dd4f2393dba15516c4d3154555fa223fac50
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=19
content-length: 100679

GET
H2 200 web-widget-main-4a143a0.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame E325 972 KB
278 KB 42ms
40ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4a143a0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=0ebdd80a-f7d5-48ff-bfb4-c3613bdd7660

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78d1c949907af4ac820f60197fdc339cafa5b05c64fe0c4739d4b34b2b59335b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:25 GMT
x-amz-version-id: 7sYtabYd8ciOGu5V0P89IQfor6N0nKoQ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: JNNRPXTJ12F6BEKW
age: 61
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: j/1EjmULaYT0mjxUAU/qkB/mgZ4o+CgswINlJ+DHo4vytPWqArGDpjP69YG52+9KHVhAHQf11gAYDLF2diFpQ2SflFBtSkkf
last-modified: Tue, 21 May 2024 07:56:03 GMT
server: cloudflare
etag: W/"1cd914e37c72f31dd72b0b44ef9b3e44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xveAXKoJ7qSxSqEI3dW6ZbeXskRpWt0duaj3%2B9M4SpU2x9uKjG7c4oqgMQ2xz3BzRXWMW30PfAlDiYuYGnaQ%2F2iD%2B2pBwDRc26FeOUJ6aIbvVQd28DODHF%2FZtxqpGDzbeHmg7uQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88add8082e680686-LHR
access-control-allow-headers: *
expires: Wed, 21 May 2025 07:56:02 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/971510718/ 42 B
64 B 56ms
56ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/971510718/?random=1716895105169&cv=11&fst=1716894000000&bg=ffffff&guid=ON&async=1&gtm=45be45m0v897556359z871030579za201zb71030579&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.villamandalaybali.com%2F&hn=www.googleadservices.com&frm=0&tiba=Mandalay%20Villas%20-%20Seseh%20Beach%2C%20Bali%207%20and%204%20bedroom%20villas&npa=0&pscdl=noapi&auid=956450501.1716895104&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=rmBedrooms%3D99%3BrmLocation%3DBali%5C%2C%20Seseh-Tanah%20Lot%3Bhrental_id%3DP00431&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLMQhDgDbGLDJIC8lgB2_6K6tsrgYzvw&random=1689821997&rmt_tld=0&ipr=y

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/971510718/ 42 B
64 B 63ms
62ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/971510718/?random=1716895105169&cv=11&fst=1716894000000&bg=ffffff&guid=ON&async=1&gtm=45be45m0v897556359z871030579za201zb71030579&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.villamandalaybali.com%2F&hn=www.googleadservices.com&frm=0&tiba=Mandalay%20Villas%20-%20Seseh%20Beach%2C%20Bali%207%20and%204%20bedroom%20villas&npa=0&pscdl=noapi&auid=956450501.1716895104&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=rmBedrooms%3D99%3BrmLocation%3DBali%5C%2C%20Seseh-Tanah%20Lot%3Bhrental_id%3DP00431&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLMQhDgDbGLDJIC8lgB2_6K6tsrgYzvw&random=1689821997&rmt_tld=1&ipr=y

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/994443093/ 42 B
64 B 59ms
59ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/994443093/?random=1716895105151&cv=11&fst=1716894000000&bg=ffffff&guid=ON&async=1&gtm=45be45m0z871030579za201zb71030579&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.villamandalaybali.com%2F&hn=www.googleadservices.com&frm=0&tiba=Mandalay%20Villas%20-%20Seseh%20Beach%2C%20Bali%207%20and%204%20bedroom%20villas&npa=0&pscdl=noapi&auid=956450501.1716895104&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=travel_destid%3DBali%5C%2C%20Seseh-Tanah%20Lot%3Bhrental_pagetype%3Dhome%3Btravel_pagetype%3Dhome%3Bhrental_startdate%3D--%3Btravel_startdate%3D--%3Bhrental_enddate%3D--%3Btravel_enddate%3D--%3Bhrental_id%3DP00431&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL881AaRTTg54V81VujuPG1jlMebkeuQ&random=791744630&rmt_tld=0&ipr=y

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/994443093/ 42 B
64 B 64ms
63ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/994443093/?random=1716895105151&cv=11&fst=1716894000000&bg=ffffff&guid=ON&async=1&gtm=45be45m0z871030579za201zb71030579&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.villamandalaybali.com%2F&hn=www.googleadservices.com&frm=0&tiba=Mandalay%20Villas%20-%20Seseh%20Beach%2C%20Bali%207%20and%204%20bedroom%20villas&npa=0&pscdl=noapi&auid=956450501.1716895104&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=travel_destid%3DBali%5C%2C%20Seseh-Tanah%20Lot%3Bhrental_pagetype%3Dhome%3Btravel_pagetype%3Dhome%3Bhrental_startdate%3D--%3Btravel_startdate%3D--%3Bhrental_enddate%3D--%3Btravel_enddate%3D--%3Bhrental_id%3DP00431&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL881AaRTTg54V81VujuPG1jlMebkeuQ&random=791744630&rmt_tld=1&ipr=y

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Villa%20Mandalay%20-%20Downstairs%20sunloungers.jpg
www.villamandalaybali.com/resources/mandalay/headers/ 446 KB
446 KB 304ms
301ms Image
image/jpeg 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.villamandalaybali.com/resources/mandalay/headers/Villa%20Mandalay%20-%20Downstairs%20sunloungers.jpg

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

95539bc861aca2c789d9e60effce9e7cc61a49a2c48d4a1decccb178fa5d5917

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Feb 2021 01:51:14 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "6f734-5bac967b6d112"
Vary: User-Agent
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 456500
Expires: Tue, 28 May 2024 11:23:22 GMT

GET
H/1.1 200
OK Villa%20Mandalay%20-%20Refreshing%20coconut%20with%20a%20view.jpg
www.villamandalaybali.com/resources/mandalay/content/home/ 143 KB
143 KB 305ms
302ms Image
image/jpeg 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.villamandalaybali.com/resources/mandalay/content/home/Villa%20Mandalay%20-%20Refreshing%20coconut%20with%20a%20view.jpg

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

a5f073fbc37b191474985f16754da31e77ed722e6299ea78c88baa01389c2907

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Feb 2021 01:51:33 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "23b34-5bac968d3e5b9"
Vary: User-Agent
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 146228
Expires: Tue, 28 May 2024 11:23:22 GMT

GET
H/1.1 200
OK Villa%20Mandalay%20Dua%20-%20Blissful%20poolside.jpg
www.villamandalaybali.com/resources/mandalay/content/home/ 222 KB
223 KB 306ms
304ms Image
image/jpeg 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.villamandalaybali.com/resources/mandalay/content/home/Villa%20Mandalay%20Dua%20-%20Blissful%20poolside.jpg

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

3ca6442705015491c23dd05f8d54459ec9daa6caa827d42126b18a5486c6cc21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Feb 2021 01:51:33 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "37871-5bac968d7fc8c"
Vary: User-Agent
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 227441
Expires: Tue, 28 May 2024 11:23:22 GMT

GET
H2 200 en-us-json-4a143a0.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame E325 25 KB
6 KB 54ms
53ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-4a143a0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4a143a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:25 GMT
x-amz-version-id: 2hYypV05EZU7FfAAst9jMWe4PEdNwLeK
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: RCYW4TTGW2EW5826
age: 7177
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: A//gFCWi1UWvrATt9znBnAXnMVODo0cZckPq0/Ee09OdcjY+Kb0ZzhLeH6PFeWN98gwpxmpGtlg=
last-modified: Tue, 21 May 2024 07:56:04 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=au9IHr6tFgf3VFvF2qnDmYdg0VVqd%2BrqSAXJB3FwYGsRH6imQCk8YqAFxRcKSTxD17MFpvEo2L7Oo%2F2h4fhgtO%2B5OineyjuWf%2F8iYtxxDHGxBOdc44JY111e5qAn4azp2WI5LfI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88add809e8780686-LHR
access-control-allow-headers: *
expires: Wed, 21 May 2025 07:56:03 GMT

GET
H2 200 config Show response
elitehavens.zendesk.com/embeddable/ Frame E325 591 B
1 KB 524ms
414ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elitehavens.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4a143a0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 965b713dd1e089c602068634e0eab36ad0cf073ebcc9b8907721f1651fd26706

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:26 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-594d49f56-prhjf
x-cached: MISS
x-runtime: 0.002080
last-modified: Tue, 28 May 2024 11:16:59 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BD1DyFb9s50VadRx0zGUZUidKnP1OWRuccbFDcQcM3ZYVx5r%2Bzt6D75fwbxZc%2FeRnzasey4PAA%2Bh4%2F4MFIwazqbn7MGHZqPhEuHpQT6%2BxmTi78tM2i4us5XN6c4bHr8%2BK1iCvvtgBlOb"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 88add80aae409557-LHR

GET
H2 200 identify_ce1d8843.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 148ms
147ms Script
application/javascript 95.100.146.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYzNGIxOWM4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.25 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 87593261
date: Tue, 28 May 2024 11:18:25 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202405211400000BDE2C76E5D8EE9EA469
x-tt-trace-id: 00-2405211400000BDE2C76E5D8EE9EA469-157E37BC5A175057-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a95-100-146-21.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0100d4c450589ef3b128c95195644898e3ac9f93df285dee4651f5d49be7bbf40b3f49d73279c1efd17c796dab3e0f42eb8d06cb6b69ad140b8b2cc092925ad401ddb70af56f6dac739a5917117778597089c6d7cb71bdca856e0ea2d397d745c7
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
content-length: 39572

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
844 B 230ms
229ms Ping
text/plain 95.100.146.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYzNGIxOWM4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.25 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: d4d6c205.87593262
date: Tue, 28 May 2024 11:18:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240528111825E31FF71A8D1657835E34-5ADBA5A148FBFA0D-00
x-cache: TCP_MISS from a95-100-146-21.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time: 140,95.100.146.21
server-timing: cdn-cache; desc=MISS, edge; dur=109, origin; dur=43, inner; dur=31
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240528111825E31FF71A8D1657835E34
x-cache-remote: TCP_MISS from a23-48-100-137.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 43,23.48.100.137
x-tt-trace-host: 0133c5af4d845857f7156a8e4b29b3df89067c60ff6f64e41b65adec01dd6cef771cab98f95055d5ae93c45eadf6417efb8d66a1079982e5d0ad2c99e36f3ce4319364437e9af28b8c80f37322e1ca9860311dead201300eaae2bf1639f212f2bb44169e0a09cc2af66bc2accef9736b0d
access-control-allow-headers: Authorization,*
expires: Tue, 28 May 2024 11:18:25 GMT

GET
H2 200 js Show response
maps.google.com/maps/api/ 201 KB
68 KB 192ms
75ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/api/js?key=AIzaSyCnwT0s5r_NZ4Sb8Mc5AYkqcmZq5vAgIwM&callback=Function.prototype&_=1716895104225

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/resources/mandalay/js/jquery-1.12.4.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

047e8da044b6a84431bc01521e13efe8c10b820b6fa28976001392b456a16fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69067
x-xss-protection: 0

GET
H2 200 web-widget-chat-sdk-4a143a0.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame E325 216 KB
53 KB 59ms
59ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-4a143a0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4a143a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8caa3b3ec2630f77a22e865988f01fc8e76abb8ca6c288910b93db0d0b806162

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:25 GMT
x-amz-version-id: Cqx7SIb9.heewODiHJIf0HBediWoScSO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: RCYREK8MHDQ8FZ13
age: 7177
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ciNpaHvLti0A9Tn1NOk8GVcZq3Ccu05RCk95i07O2VgqcMJCCFf9ucQYiXv/zCmK5eDPHitLBlU=
last-modified: Tue, 21 May 2024 07:56:02 GMT
server: cloudflare
etag: W/"bf7f24c006f934261d7ff732b528402b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D1WaWZRWeB7VvDmEg%2Bzm40XvPUbPqHaJ1qjiKHqSSWpfJEnR1o4i9fAzxcMn5KhUfhbH6baCSZKKV0FjHAWgtpAn03DeKYcfZsbc5XJH4fBf%2FqLpTsEVObF7RoX0LG7LATGp4gc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88add80af9960686-LHR
access-control-allow-headers: *
expires: Wed, 21 May 2025 07:56:01 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
841 B 191ms
191ms Ping
text/plain 95.100.146.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYzNGIxOWM4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.25 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: c95e2dfa.87593513
date: Tue, 28 May 2024 11:18:26 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240528111826A26D04303AE854ECC8B6-3EBFD77DC37BE2FB-00
x-cache: TCP_MISS from a95-100-146-21.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time: 125,95.100.146.21
server-timing: cdn-cache; desc=MISS, edge; dur=103, origin; dur=31, inner; dur=27
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240528111826A26D04303AE854ECC8B6
x-cache-remote: TCP_MISS from a23-48-200-13.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 31,23.48.200.13
x-tt-trace-host: 0133c5af4d845857f7156a8e4b29b3df89067c60ff6f64e41b65adec01dd6cef77e41838394a205cd14180ce8e6e76d813aaeb5d01952563516d440637c419ad6bace9508ccf08897e29cf1ea048cbb7eb9c9d9d54066cdbbd0a2fca0cc3c7822562d1cfc6fb1ef5ef680e0c95a720e5a0
access-control-allow-headers: Authorization,*
expires: Tue, 28 May 2024 11:18:26 GMT

GET
H/1.1 200
OK xeh-logo.png.pagespeed.ic.pJrgE4ruC4.webp
www.villamandalaybali.com/resources/common/images/ 14 KB
14 KB 1825ms
1824ms Image
image/webp 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.villamandalaybali.com/resources/common/images/xeh-logo.png.pagespeed.ic.pJrgE4ruC4.webp
Requested by: Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 736cd7851949a1056222804a2142af67d10674c7b41838c247a1f2b3674e2851

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:26 GMT
Last-Modified: Tue, 28 May 2024 11:16:20 GMT
Server: Apache/2.4.52 (Ubuntu)
X-Original-Content-Length: 15785
Etag: W/"0"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Link: <https://www.villamandalaybali.com/resources/common/images/eh-logo.png>; rel="canonical"
Content-Length: 13864
Keep-Alive: timeout=5, max=97
Expires: Wed, 28 May 2025 11:16:20 GMT

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
364 B 165ms
59ms XHR
application/json 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYzNGIxOWM4MQ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.villamandalaybali.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 common.js Show response
maps.google.com/maps-api-v3/api/js/57/0/intl/en_gb/ 256 KB
56 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/57/0/intl/en_gb/common.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCnwT0s5r_NZ4Sb8Mc5AYkqcmZq5vAgIwM&callback=Function.prototype&_=1716895104225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3bec6ed0a207d3c134030d8d3ec718453741f8be679f5eb4c3fbfa97c26d725

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 19:48:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 315005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57324
x-xss-protection: 0
last-modified: Tue, 14 May 2024 21:24:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 May 2025 19:48:21 GMT

GET
H2 200 util.js Show response
maps.google.com/maps-api-v3/api/js/57/0/intl/en_gb/ 182 KB
56 KB 114ms
114ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/57/0/intl/en_gb/util.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCnwT0s5r_NZ4Sb8Mc5AYkqcmZq5vAgIwM&callback=Function.prototype&_=1716895104225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

653f9c09c8bb44bd2cccd845f4721dc7c58aa83d3f42885617abe3425e271f67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 21:48:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 394188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57149
x-xss-protection: 0
last-modified: Tue, 14 May 2024 21:24:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 21:48:38 GMT

GET
H2 200 map.js Show response
maps.google.com/maps-api-v3/api/js/57/0/intl/en_gb/ 74 KB
24 KB 114ms
114ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/57/0/intl/en_gb/map.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCnwT0s5r_NZ4Sb8Mc5AYkqcmZq5vAgIwM&callback=Function.prototype&_=1716895104225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f43e862379c42bb660b36a4611a842b5bc3dcc31bc6500dc4cc0f65f847c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:10:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 392904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24378
x-xss-protection: 0
last-modified: Tue, 14 May 2024 21:24:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 22:10:02 GMT

GET
H2 200 marker.js Show response
maps.google.com/maps-api-v3/api/js/57/0/intl/en_gb/ 71 KB
22 KB 123ms
123ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/57/0/intl/en_gb/marker.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?key=AIzaSyCnwT0s5r_NZ4Sb8Mc5AYkqcmZq5vAgIwM&callback=Function.prototype&_=1716895104225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4895f116a89ae520c197eaf20d12b67723c0a5a7d1ebfb55d6567823d168a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 22:15:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 392578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 14 May 2024 21:24:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 22:15:28 GMT

GET
H2 200 web-widget-chat-incoming-message-notification-4a143a0.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame E325 236 B
841 B 53ms
53ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-4a143a0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4a143a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:27 GMT
x-amz-version-id: YtYcuoz31wmMmrwgUq7cLaYblV9Qa2Jx
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: RCYV1WYHZGMW561V
age: 7179
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 6Gme5igqSG3plA46A3KQ51BmrobsczGjkd7A7MlNQ6HYmm50k2gr74WwNP3zwtny4yvRBidjvL6qtrjLQ62Spg==
last-modified: Tue, 21 May 2024 07:56:02 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VH9PkdJv3AMfEite9aKffDTmjIVWowra50wavF7CPJLqVL5NInEf7OOmZPYH3mWQNMoCaAxmXpJi2qLUZWwegaJihrFk7jGpbLja10tlQMylEwtFHlp7eyV65z3eaujWceb%2BZu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88add814ed250686-LHR
access-control-allow-headers: *
expires: Wed, 21 May 2025 07:56:01 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame E325 19 KB
20 KB 42ms
41ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Requested by

Host: www.villamandalaybali.com
URL: https://www.villamandalaybali.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:27 GMT
x-amz-version-id: Kl.biZfM8rz6re2aS0glnDheA8R9Dmfl
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: KH5VE2Z70ZGQ75A2
age: 6106366
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: LqweHRijvBdbgWotLxDeNcs9Lz6cG09nTN1pbS7TIlVP/kJbpnlLrkq/B74CU90UTxSTSp+E3xk=
last-modified: Wed, 29 Nov 2023 08:06:43 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eaokOOPfn3vbQamEYfg1qOGrcpOVOUPqish8D%2FFNwjMZ3stARLrFcRpZAMgbsSKX9jEoyuwJCCyisuqbfWOfdR3xoJjHHz8OFjxexs6RXvuVmdev8p8OpbGtbhHWrAMSsteQqTw%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 88add8155d900686-LHR
access-control-allow-headers: *
expires: Thu, 28 Nov 2024 08:06:42 GMT

POST
H/1.1 204
No Content mod_pagespeed_beacon Show response
www.villamandalaybali.com/ 0
187 B 300ms
300ms XHR
text/plain 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/mod_pagespeed_beacon?url=https%3A%2F%2Fwww.villamandalaybali.com%2F
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYzNGIxOWM4MQ.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 28 May 2024 11:18:28 GMT
Cache-Control: max-age=0, no-cache
Server: Apache/2.4.52 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96

GET
H2 200 event Show response
sslwidget.criteo.com/ 41 KB
7 KB 171ms
82ms Script
application/x-javascript 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=%5B102084%2C104820%2C104822%2C104819%2C104818%2C104821%5D&v=5.24.0&otl=1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=_rk06V9BejdjMnZaWXZ4ZnFlTzZoOHFhcTRHR2NxZERITGVPeFJMcnNCSE9qbjNLS3lSTHNRZGwwblpQVEkzM1FhNFNjVnRSQzZ5clV2RmhSdzRhM29JOHFZWlZySUlMV1FDOUhBOCUyQm5nN0ZldnBpbTM5emdwZXdNMGRGQzVqdTZ3QndyVGF4ZXREdWx4N3lQMVM0MXpUTjZUNEl3M01BMEJkc0VrQWh5V3B3dUwlMkZrJTNE&tld=villamandalaybali.com&dy=1&fu=https%253A%252F%252Fwww.villamandalaybali.com%252F&ceid=e292b700-c476-450b-8c3d-bf92ff16e161&dtycbr=85407

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=%5B102084%2C104820%2C104822%2C104819%2C104818%2C104821%5D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

19863ec97334b73195f617816442ea48bb1f6ace19f93dab4b759f5baf576609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 32476955
timing-allow-origin: *
expires: 0

POST
H/1.1 204
No Content mod_pagespeed_beacon Show response
www.villamandalaybali.com/ 0
187 B 326ms
326ms XHR
text/plain 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/mod_pagespeed_beacon?url=https%3A%2F%2Fwww.villamandalaybali.com%2F
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYzNGIxOWM4MQ.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 28 May 2024 11:18:28 GMT
Cache-Control: max-age=0, no-cache
Server: Apache/2.4.52 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95

GET
H/1.1 200
OK xfavicon.png.pagespeed.ic.lLBTPJ0uJr.webp
www.villamandalaybali.com/resources/mandalay/ 190 B
689 B 314ms
314ms Other
image/webp 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.villamandalaybali.com/resources/mandalay/xfavicon.png.pagespeed.ic.lLBTPJ0uJr.webp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 68df2bb3110268064a4723c5881ce281b421d759c67d56c1a261bfa721e4a90f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:28 GMT
Last-Modified: Tue, 28 May 2024 11:16:20 GMT
Server: Apache/2.4.52 (Ubuntu)
X-Original-Content-Length: 341
Etag: W/"0"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Link: <https://www.villamandalaybali.com/resources/mandalay/favicon.png>; rel="canonical"
Content-Length: 190
Keep-Alive: timeout=5, max=94
Expires: Wed, 28 May 2025 11:16:20 GMT

GET
H2 200 register-trigger
measurement-api.criteo.com/ 0
0 157ms
70ms Fetch 2a02:2638:3::19
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://measurement-api.criteo.com/register-trigger?partner_id=102084&uid=d5b20e7f-7a69-42e6-a9fd-ab56f9a39e5a&event_name=Page&islcc=0&amount_local=0&amount_euro=0&client_side_event_id=e292b700-c476-450b-8c3d-bf92ff16e161

Requested by

Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYzNGIxOWM4MQ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::19 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:28 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0","priority":"0"}],"debug_key":"2884715110278044367","debug_reporting":true,"aggregatable_values":{},"aggregatable_source_registration_time":"include"}
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://www.villamandalaybali.com
access-control-allow-credentials: true
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 2BD6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-RAtJFzml35xLIT8kLSilyY2kHTAVcrEHlPxODg&google_cm&google_hm=ay1SQXRKRnptbDM1eExJVDhrTFNpbHlZMmtIVEFWY3JFS...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RAtJFzml35xLIT8kLSilyY2kHTAVcrEHlPxODg&google_gid=CAESEFBDQheqiWvNbOSdZFiq4FU&google_cver=1&google_ula=913071,0

43 B
370 B

44ms
44ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RAtJFzml35xLIT8kLSilyY2kHTAVcrEHlPxODg&google_gid=CAESEFBDQheqiWvNbOSdZFiq4FU&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1948331
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RAtJFzml35xLIT8kLSilyY2kHTAVcrEHlPxODg&google_gid=CAESEFBDQheqiWvNbOSdZFiq4FU&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 2BD6 43 B
235 B 216ms
42ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-u84itDml35xLIT8kLSilyY2kHTCJpUAKm2er9w&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 2BD6
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2677242898621103773

43 B
370 B

40ms
38ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2677242898621103773

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2052755
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:28 GMT
an-x-request-uuid: 522e84c5-2263-4e3c-bbbe-34986fb98afd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2677242898621103773
x-proxy-origin: 217.138.196.107; 217.138.196.107; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 2BD6 43 B
163 B 218ms
46ms Image
image/gif 164.132.25.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-wCauBDml35xLIT8kLSilyY2kHTBZmK9NqyKv9A
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 164.132.25.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ip185.ip-164-132-25.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:28 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 2BD6 0
99 B 209ms
36ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-higcjDml35xLIT8kLSilyY2kHTDf84oKzb53wQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:28 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 38395

GET
H2

200

RX-806edd2e-6c68-46cf-90e9-fefdbcefe55b-003
sync.targeting.unrulymedia.com/csync/ Frame 2BD6
Redirect Chain

https://sync.1rx.io/usersync/criteodsp/k-vf5iUjml35xLIT8kLSilyY2kHTC-WJrgnkNXfg
https://sync.1rx.io/usersync/criteodsp/k-vf5iUjml35xLIT8kLSilyY2kHTC-WJrgnkNXfg?zcc=1&cb=1716895108442
https://sync.targeting.unrulymedia.com/csync/RX-806edd2e-6c68-46cf-90e9-fefdbcefe55b-003

43 B
378 B

136ms
44ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-806edd2e-6c68-46cf-90e9-fefdbcefe55b-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Tue, 28 May 2024 11:18:28 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-806edd2e-6c68-46cf-90e9-fefdbcefe55b-003
pragma: no-cache
date: Tue, 28 May 2024 11:18:28 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2 200 pixel
cm.adform.net/ Frame 2BD6 43 B
163 B 239ms
68ms Image
image/gif 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-O92LATml35xLIT8kLSilyY2kHTB335pKZdAWew
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:28 GMT
last-modified: Thu, 27 Jul 2023 11:18:06 GMT
server: nginx
accept-ranges: bytes
etag: "64c2526e-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 2BD6 49 B
342 B 135ms
53ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-qUK6Fjml35xLIT8kLSilyY2kHTB5DS9CD3HSvQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:28 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame 2BD6
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-bUUqhjml35xLIT8kLSilyY2kHTC7_98sKZHfKg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-bUUqhjml35xLIT8kLSilyY2kHTC7_98sKZHfKg&C=1

43 B
323 B

72ms
71ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-bUUqhjml35xLIT8kLSilyY2kHTC7_98sKZHfKg&C=1
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rMyAfo8KNXXpn3aBqv3FM6PjRHfZrUCdnNq5dEpmRrjtnTIClXQj2Zd2pa%2BoX4zX4aiXNtkLzEcPk0OYQ0lJK0u0bd3ubHbvkGFZhc9sz5meNyoAGqeZlr8ZfL98ig%2BFw5ML"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 88add81c6d463695-LHR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vKbPKrHSzm672MK0O8Nxj%2FvCxS9U2H3xznCBVkhE1Y7mOOgUHPsubbijx8WWDRaVEtwxQ57CR1CBX3V7s9px3Zj7wI6nSeerReBqcacxllVQ5Jq0aCxer8bXPLLDau6QHjCn"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-bUUqhjml35xLIT8kLSilyY2kHTC7_98sKZHfKg&C=1
cache-control: no-cache
cf-ray: 88add81becab3695-LHR
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 2BD6
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=1b-iXtxab_3Umcp6s1-KhJksCCagvbgo
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=1b-iXtxab_3Umcp6s1-KhJksCCagvbgo

42 B
718 B

44ms
43ms

Image
image/gif

54.74.194.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=1b-iXtxab_3Umcp6s1-KhJksCCagvbgo

Protocol

Server

54.74.194.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-74-194-229.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v061-08d72dc4e.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Tue, 28 May 2024 11:18:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: GWr7i+qETkM=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v061-010701909.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Tue, 28 May 2024 11:18:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: IkEYFLiiSxM=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=1b-iXtxab_3Umcp6s1-KhJksCCagvbgo
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame 2BD6 43 B
1 KB 174ms
44ms Image
image/gif 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-L-86zTml35xLIT8kLSilyY2kHTCZXHvKWGRIaA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 28 May 2024 11:18:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame 2BD6 43 B
199 B 161ms
44ms Image
image/gif 54.229.87.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-zorS-zml35xLIT8kLSilyY2kHTDxjw4N2FKaKA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.229.87.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-87-16.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 28 May 2024 11:18:28 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 2BD6 42 B
274 B 118ms
41ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-5X6jyjml35xLIT8kLSilyY2kHTDd6_zqWQAHOg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:28 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 cksync.php
contextual.media.net/ Frame 2BD6 57 B
814 B 435ms
274ms Image
image/gif 2.19.216.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-FEcCjjml35xLIT8kLSilyY2kHTCuqBXfkV8JuA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f77309a3390de4674d1b9179d69de9c1e284256e9c14bbf5a86e0c80586640bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 28 May 2024 11:18:28 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Tue, 28 May 2024 11:18:28 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 2BD6 0
880 B 150ms
47ms Image
text/html 3.125.138.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-KwqjwDml35xLIT8kLSilyY2kHTDWbIyQYjF5ig
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.138.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-138-63.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:28 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 2BD6 43 B
423 B 401ms
118ms Image
image/gif 34.227.153.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-WB44cTml35xLIT8kLSilyY2kHTCYZsx7CqHJ6A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.153.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-153-116.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:28 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 2BD6 0
218 B 695ms
172ms Image
text/plain 38.133.127.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-EIbksTml35xLIT8kLSilyY2kHTApIAIx97QM4A&initiator=partner

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

38.133.127.31 Sacramento, United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:29 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 162866b3662a5b4a91411fbf3146321a
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 2BD6 0
225 B 134ms
34ms Image
text/html 198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-MbHpLzml35xLIT8kLSilyY2kHTDJpxNanVZKQg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/html; charset=utf-8
date: Tue, 28 May 2024 11:18:27 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 2BD6 0
239 B 212ms
49ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-6lblsDml35xLIT8kLSilyY2kHTAqg47kTtToog&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5e091a4bda7cb1b96cf60040ae4e8596
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 2BD6 0
35 B 182ms
46ms Image
text/plain 18.197.197.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-3rdhyTml35xLIT8kLSilyY2kHTBpM8jQciNldQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.197.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-197-216.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:28 GMT

GET
H2 200 um
criteo-sync.teads.tv/ Frame 2BD6 23 B
163 B 225ms
69ms Image
image/gif 23.52.181.90
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-cY23eDml35xLIT8kLSilyY2kHTB8tlf29VZDSw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.181.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-181-90.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.1 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 28 May 2024 11:18:28 GMT
pragma: no-cache
date: Tue, 28 May 2024 11:18:28 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.1
content-length: 23
content-type: image/gif

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 2BD6 43 B
400 B 329ms
102ms Image
image/gif 2600:1f18:612b:4280:807b:3d3a:e60e:91a5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-7l_xoDml35xLIT8kLSilyY2kHTDm4zrqZelNIw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:807b:3d3a:e60e:91a5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 28 May 2024 11:18:28 GMT
server: nginx
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 2BD6 37 B
140 B 149ms
48ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-LiFTgDml35xLIT8kLSilyY2kHTBtQRIDjrj0-g&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 2BD6 0
235 B 180ms
70ms Image
text/plain 23.35.237.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-6xYT8Dml35xLIT8kLSilyY2kHTDcLIyGlV7uvQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 28 May 2024 11:18:28 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Mon, 27 May 2024 11:18:28 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 2BD6 0
38 B 170ms
41ms Image
text/plain 52.19.175.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-ELR7tDml35xLIT8kLSilyY2kHTBIdqpF99JOPQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.175.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-175-6.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:28 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame 2BD6 0
44 B 158ms
58ms Image
text/plain 18.156.206.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-aipoFTml35xLIT8kLSilyY2kHTCwIDx8REykLw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.206.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-206-235.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 11:18:28 GMT
server: awselb/2.0

GET
H2 200 match
c1.adform.net/serving/cookie/ Frame 2BD6 35 B
591 B 70ms
59ms Image
image/gif 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=10015&cid=k-O92LATml35xLIT8kLSilyY2kHTB335pKZdAWew

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 setuid
ib.adnxs.com/ Frame 2BD6 43 B
1 KB 44ms
43ms Image
image/gif 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-pDPVKzml35xLIT8kLSilyY2kHTCp5kMXhkEcaQ

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 11:18:28 GMT
an-x-request-uuid: 749b708c-a72d-43cf-be24-1c8f37a9697b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.138.196.107; 217.138.196.107; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK Villa%20Mandalay%20-%20CS3013.jpg
www.villamandalaybali.com/resources/mandalay/headers/ 184 KB
0 302ms
301ms Image
image/jpeg 13.231.80.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.villamandalaybali.com/resources/mandalay/headers/Villa%20Mandalay%20-%20CS3013.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.231.80.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-231-80-41.ap-northeast-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.villamandalaybali.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 28 May 2024 11:18:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Feb 2021 01:51:14 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "48d27-5bac967ac4215"
Vary: User-Agent
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 298279
Expires: Tue, 28 May 2024 11:23:22 GMT

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.villamandalaybali.com/	1970-01-20 20:54:58	Name: PHPSESSID Value: 0b6ucui4uembmpldj6mqgmlpld
.villamandalaybali.com/	1970-01-20 20:56:21	Name: _gid Value: GA1.2.719772038.1716895104
.villamandalaybali.com/	1970-01-20 20:54:55	Name: _gat Value: 1
.villamandalaybali.com/	1970-01-20 23:04:31	Name: _gcl_au Value: 1.1.956450501.1716895104
.villamandalaybali.com/	1970-01-20 20:54:55	Name: _dc_gtm_UA-59678517-1 Value: 1
.villamandalaybali.com/	1970-01-21 01:14:07	Name: __utmzz Value: utmcsr=(direct)\|utmcmd=(none)\|utmccn=(not set)
.villamandalaybali.com/	1969-12-31 23:59:59	Name: __utmzzses Value: 1
.villamandalaybali.com/	1970-01-21 06:30:55	Name: _ga_BT430HBZG5 Value: GS1.2.1716895104.1.0.1716895104.0.0.0
.criteo.com/	1970-01-21 06:16:31	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 06:16:31	Name: uid Value: d5b20e7f-7a69-42e6-a9fd-ab56f9a39e5a
.tiktok.com/	1970-01-21 06:16:31	Name: _ttp Value: 2h5s7QealRe8h3oQHI46MDFrLB4
.villamandalaybali.com/	1970-01-21 06:30:55	Name: _ga_WMHR2TK1FK Value: GS1.1.1716895104.1.0.1716895104.60.0.0
.villamandalaybali.com/	1970-01-21 06:30:55	Name: _ga Value: GA1.1.1016131297.1716895104
.villamandalaybali.com/	1970-01-20 20:56:21	Name: _uetsid Value: 00022b601ce411efab957b9fdf1ef1c7
.villamandalaybali.com/	1970-01-21 06:16:31	Name: _uetvid Value: 0005f0f01ce411ef9ba4afda863a99fc
.bing.com/	1970-01-21 06:16:31	Name: MUID Value: 2D003A8A1C71690B340C2E071D086838
.villamandalaybali.com/	1970-01-21 06:24:19	Name: cto_bundle Value: _rk06V9BejdjMnZaWXZ4ZnFlTzZoOHFhcTRHR2NxZERITGVPeFJMcnNCSE9qbjNLS3lSTHNRZGwwblpQVEkzM1FhNFNjVnRSQzZ5clV2RmhSdzRhM29JOHFZWlZySUlMV1FDOUhBOCUyQm5nN0ZldnBpbTM5emdwZXdNMGRGQzVqdTZ3QndyVGF4ZXREdWx4N3lQMVM0MXpUTjZUNEl3M01BMEJkc0VrQWh5V3B3dUwlMkZrJTNE
.villamandalaybali.com/	1970-01-21 06:30:55	Name: _ga_HWNLEB27ZM Value: GS1.1.1716895105.1.0.1716895105.60.0.0
.adform.net/	1970-01-20 21:39:33	Name: C Value: 1
.adform.net/	1970-01-20 22:21:19	Name: receive-cookie-deprecation Value: 1
.adform.net/	1970-01-20 22:21:19	Name: uid Value: 6538051419382864510
.villamandalaybali.com/	1970-01-21 06:16:31	Name: _tt_enable_cookie Value: 1
.villamandalaybali.com/	1970-01-21 06:16:31	Name: _ttp Value: jyAjn0NUZiolIxDUGTlKDPIo2jm
widget-mediator.zopim.com/	1970-01-20 21:04:59	Name: AWSALBCORS Value: 90fkOJiEU1X+Sdq5QFuJlJT0SsSNAfS2iKOy3fpUqeqhGtuSpgfbAx6TESzxGruwPT21YSvfMLygzTqH2u2l07RWDZ8JZrdHCbJ+K3jw+8jQaYMYffU8wunuIjMT
.villamandalaybali.com/	1970-01-21 05:40:31	Name: __zlcmid Value: 1LzmkgmnwXNCo6J
measurement-api.criteo.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.criteo.com/	1970-01-21 06:16:31	Name: cto_bundle Value: 83JDQV8lMkJLQ0xEZTZKVWR5eU1Tek9pZFhIMEFyTUhlejFhaU0yWFhMNGNLU1JuUE82MEFvVHBZZXRaVDhmRG1mWGo3ZEU
.omnitagjs.com/	1970-01-20 21:38:07	Name: ayl_visitor Value: 6da9fde4f33f44b9ca0f653943e4321e
.adnxs.com/	1970-01-20 23:04:31	Name: XANDR_PANID Value: zBLhTR6vBhjYUT-SgELSniQRXnUVoNNyOcmOyJs-FWnDnCMwsF-Jlox6hde1cPDVOAD7hF5gtcPEn-F_ybryEppoaw8CgJVYKgtHjtmZmys.
.adnxs.com/	1970-01-21 06:30:55	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 23:04:31	Name: uuid2 Value: 2677242898621103773
.1rx.io/	1970-01-21 05:40:31	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-806edd2e-6c68-46cf-90e9-fefdbcefe55b-003%22%7D
.doubleclick.net/	1970-01-21 06:16:31	Name: IDE Value: AHWqTUlRDjbbz3lX3ES4fYh-clWwRJuuTu5yzIHroSnTBu9v28FqKBk3PZ1wFl6m_i4
.casalemedia.com/	1970-01-21 05:40:31	Name: CMID Value: ZlW9hFVbL1MAAEBsBSuTsQAA
.casalemedia.com/	1970-01-20 23:04:31	Name: CMPS Value: 712
.casalemedia.com/	1970-01-20 23:04:31	Name: CMPRO Value: 712
.demdex.net/	1970-01-21 01:14:07	Name: demdex Value: 34752549292178321901545768037217698007
.adnxs.com/	1970-01-20 23:04:31	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2HbyHA:G!@wnfH1YdP.dEXlSkdoK(jS55U+=#B5jO_D_l%pWA->sFuDzxnetq`r5Q4QrD)Sc1.'Tcl-WbfP(hw9P-HC_#ty7t+hLd>
.dpm.demdex.net/	1970-01-21 01:14:07	Name: dpm Value: 34752549292178321901545768037217698007
.targeting.unrulymedia.com/	1970-01-21 05:40:31	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-806edd2e-6c68-46cf-90e9-fefdbcefe55b-003%22%7D
exchange.mediavine.com/	1970-01-20 21:15:04	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22022efdd0-1ce4-11ef-8686-05f92aba37b0%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 21:15:04	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22022efdd0-1ce4-11ef-8686-05f92aba37b0%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 21:15:04	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22022efdd0-1ce4-11ef-8686-05f92aba37b0%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 21:15:04	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22022efdd0-1ce4-11ef-8686-05f92aba37b0%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 21:15:04	Name: criteo Value: %7B%22id%22%3A%22k-KwqjwDml35xLIT8kLSilyY2kHTDWbIyQYjF5ig%22%2C%22version%22%3A%22criteo%22%7D
.media.net/	1970-01-21 05:40:31	Name: visitor-id Value: 3598967085012381000V10
.media.net/	1970-01-20 21:38:07	Name: data-c-ts Value: 1716895108
.media.net/	1970-01-20 21:38:07	Name: data-c Value: k-FEcCjjml35xLIT8kLSilyY2kHTCuqBXfkV8JuA~~3
.postrelease.com/	1970-01-21 05:40:31	Name: opt_out Value: 1
.tremorhub.com/	1970-01-21 05:40:52	Name: tvid Value: ac1bc15a4ed14d2bb237dd6f3822fd3c
.tremorhub.com/	1970-01-20 21:38:07	Name: tv_UICR Value: k-7l_xoDml35xLIT8kLSilyY2kHTDm4zrqZelNIw

70 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://sslwidget.criteo.com/event?a=%5B102084%2C104820%2C104822%2C104819%2C104818%2C104821%5D&v=5.24.0&otl=1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=_rk06V9BejdjMnZaWXZ4ZnFlTzZoOHFhcTRHR2NxZERITGVPeFJMcnNCSE9qbjNLS3lSTHNRZGwwblpQVEkzM1FhNFNjVnRSQzZ5clV2RmhSdzRhM29JOHFZWlZySUlMV1FDOUhBOCUyQm5nN0ZldnBpbTM5emdwZXdNMGRGQzVqdTZ3QndyVGF4ZXREdWx4N3lQMVM0MXpUTjZUNEl3M01BMEJkc0VrQWh5V3B3dUwlMkZrJTNE&tld=villamandalaybali.com&dy=1&fu=https%253A%252F%252Fwww.villamandalaybali.com%252F&ceid=e292b700-c476-450b-8c3d-bf92ff16e161&dtycbr=85407 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.villamandalaybali.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.adform.net
ad.360yield.com
ad.yieldlab.net
ajax.googleapis.com
analytics.tiktok.com
bat.bing.com
c1.adform.net
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
ekr.zdassets.com
elitehavens.zendesk.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
maps.google.com
maps.googleapis.com
match.sharethrough.com
matching.ivitrack.com
measurement-api.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s2.adform.net
simage2.pubmatic.com
ssl.geoplugin.net
sslwidget.criteo.com
static.zdassets.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.outbrain.com
sync.targeting.unrulymedia.com
villamandalaybali.com
visitor.omnitagjs.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.villamandalaybali.com
x.bidswitch.net
104.16.53.111
104.17.24.14
104.18.70.113
13.231.80.41
13.248.245.213
141.226.228.48
142.250.181.232
142.250.185.196
142.250.185.67
142.250.186.66
142.250.74.206
162.19.138.118
164.132.25.185
172.64.151.101
173.194.76.154
178.237.33.51
178.250.1.9
18.156.206.235
18.197.197.216
185.255.84.152
198.47.127.205
2.19.216.27
2001:4860:4802:32::36
216.58.212.162
23.35.237.75
23.52.181.90
2600:1f18:612b:4280:807b:3d3a:e60e:91a5
2a00:1450:4001:806::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c06::9a
2a01:111:202c::237
2a02:2638:3::19
2a02:2638:3::c
2a02:2638:3::e
3.125.138.63
31.22.4.80
34.117.157.22
34.227.153.116
35.214.149.91
37.157.4.28
37.157.6.232
37.157.6.234
37.252.171.52
38.133.127.31
46.228.174.117
52.19.175.6
54.229.87.16
54.74.194.229
69.173.144.138
95.100.146.25
047e8da044b6a84431bc01521e13efe8c10b820b6fa28976001392b456a16fac
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
0894cc62f8e406d115cc4f9491e8bc51b70c6c49005401ff7e9e7db625bdb9fb
0c36b328e1e3a36fd5cf51756d63e923c67de95b2a09e4eb1483dad9a990083f
19863ec97334b73195f617816442ea48bb1f6ace19f93dab4b759f5baf576609
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
203009feed7755950a0c9079489b745311e407dbddf7314543bb6af1d1fe214f
2063402bc7a9dbcfe5690a2ef017bc2ce43667f92c941a44fa5a9269c1025638
207d4cf003ba825d7764da86de819b0607850a174b944cc57c6cfd17ccb13e33
22fb86790ad05abddf5807e765cd6e34072f8bc885ae4460238fff46239a6fea
306710f65a687ccf80a1735fc8f5fa42e5243a4651515ef4bc67604df1e2d834
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
334fbdd08cd11b02160e925ad9931898512ccbd29896652e9e3fd97fcdbbb1ae
38573ef676956b4e8ccb224163fc54ec887cadc13ad94d865db78c747e0e5494
3a734f9ea10a57ba90797942b66a94d63add3e5fa773e3ad234676ee941505c1
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3ca6442705015491c23dd05f8d54459ec9daa6caa827d42126b18a5486c6cc21
3f9e9c8d8f122103646c7397d0237ff658f90a3631ee7aecd130f4300cbda544
42744f14646193d9d1b955f114f1d54b95a58afb2ec9d7869c5a168f488cacfa
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
523e12ec4882988ae8c43f71e35ea24fccd8560997c349a0a24c27c6682573fb
5277233b3215d49a4c7bb002f9ca1559c96a5a3980143461195789c9f6f4011c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59dafb1640662acb69446a1bc159ea9dce9bccf5f38899d29f229d76c40e8095
5a08e670354bb03faa3253cd47b6decb3137044852c5ae9c58ea44e57ec20886
5b9fe2ef704694cd8a041fcba10c358a362574647ab841c62363739b4f7fa9a2
653f9c09c8bb44bd2cccd845f4721dc7c58aa83d3f42885617abe3425e271f67
68df2bb3110268064a4723c5881ce281b421d759c67d56c1a261bfa721e4a90f
6e4f0aafaa5f95b68ccc12fd7e4f61ee9fbbde279d3c791f89ce78765c936079
736cd7851949a1056222804a2142af67d10674c7b41838c247a1f2b3674e2851
76da2a8f40859a029bf3826980af8d415a5d2e962a369da3862fbb618614371f
78d1c949907af4ac820f60197fdc339cafa5b05c64fe0c4739d4b34b2b59335b
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8be9f1d3f38e64b49a0f30737268bcb4f1e07c77f5930b49796fff67a00de797
8caa3b3ec2630f77a22e865988f01fc8e76abb8ca6c288910b93db0d0b806162
8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d
90b51997831e24b22ae17f451a33c9f5eff96965ba04213fef6c4ca54a904fbf
92614d9570c0a2e3c2f34bda86556f1ba6638235599f157373468f3944736afc
949d8a4a6d7b1109b1b1f6aa1b624f3273a8eb034c2d8359e1c047e21e30b4b7
95539bc861aca2c789d9e60effce9e7cc61a49a2c48d4a1decccb178fa5d5917
95f8e3753d7a538e10ef85e437dc88d74a49f136dac5e34955b690743c4c1aec
965b713dd1e089c602068634e0eab36ad0cf073ebcc9b8907721f1651fd26706
97297d8ceeb1efea58e9deeb5071110e185c3bbec19992e5991eb89e24218577
9a7578e4ce36a5e0d42e276d49ddd778708dc5322cbb0d3e519be9a0a9c23259
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1bddc8c88a4f57870cd134e3b51978b98e18f546205173d07d06aba1a33d603
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a4895f116a89ae520c197eaf20d12b67723c0a5a7d1ebfb55d6567823d168a7a
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a5f073fbc37b191474985f16754da31e77ed722e6299ea78c88baa01389c2907
a62b46c69982f34433d223167ff4838dede363d9f8a1d22e07a8d203a347e941
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b38154f4f3a9205864b732dec3a9f15a39b853ec55261d621adcb168fdef1fdc
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b5ba41b38d77bbb6ad0f615045f80a56c850dfbcb76f4eeb019e565a1d7c8199
b85b268c69791fb4cf9def3d1209b060f93d9997031689788dfefc6467ff3cf7
b9f3096433d70499dd423a9cd154ac0cc8b33b830f52f389d24c9148549da10d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
beac7f0f107a1052e51b6b06b3b1b14a7dde2d8b5a6b305b71517cfe24680fa1
c2fad45238dc29bef69a6bdfb7bc1ade77ced2d152870e4855522db1bb08217d
c3bec6ed0a207d3c134030d8d3ec718453741f8be679f5eb4c3fbfa97c26d725
c3f43e862379c42bb660b36a4611a842b5bc3dcc31bc6500dc4cc0f65f847c3e
c407d2d7a6f60c74cdd59c2341f3246a3dbe5187a256c61d1818c1dc33014a61
c88f002216195e12bc2943162f8a53aafb00a20b63b9d50dc444ac735e4a9220
ca3ba3a2e9195da8a89e95776754574c2f8c9501a1ee534141572001f9f9381b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd8c51b736a0e2f8582957b9c072ba902aefaddff6f5782dca78ba2fba448da5
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
ce3a5fc52c3c9a83936b6ba3c6a3d0cb4ffcd847a998abf0d5806243de7e2d5a
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d87ae58ae88b6c0399c92b8eb7a96c57055772d95a2fdac8859627a3aafbfb40
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1e51f87f075abf4275929bf2dd6b96d9044babb894eec0631f39fe1a91941a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a3d5b50f60970da55348b19ad6c764d71a7960c6d55725d637f8512662b85c
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42da7e9475773d81a16a74a6278ccdcb1731876ec9516312d80faf7b5de7fe1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6e230d2686fcc50bafc87e7a38f35347cd274db23ea399aa768a8f8ed325ef5
f77309a3390de4674d1b9179d69de9c1e284256e9c14bbf5a86e0c80586640bd
f9b78c62a4d69eae70cc45172928b942e8aba33e8217684c39a14b585b8776a9
fee2cba0d251a35630458cecb036d8be700701a8fe7217ec0116c96f551cddfa

www.villamandalaybali.com Open in urlscan Pro 13.231.80.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

95 %HTTPS

25 %IPv6

41 Domains

57 Subdomains

54 IPs

11 Countries

3483 kBTransfer

7499 kBSize

51 Cookies

10 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.villamandalaybali.com Open in urlscan Pro
13.231.80.41 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

95 %
HTTPS

25 %
IPv6

41
Domains

57
Subdomains

54
IPs

11
Countries

3483 kB
Transfer

7499 kB
Size

51
Cookies

126 HTTP transactions
3 data transactions