recovery.seasonsbali.com Open in urlscan Pro
34.253.101.190 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://recovery.seasonsbali.com/
Submission: On March 20 via automatic, source certstream-suspicious (March 20th 2023, 4:14:17 am UTC) — Scanned from DE

Summary HTTP 57 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 14 domains to perform 57 HTTP transactions. The main IP is 34.253.101.190, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is recovery.seasonsbali.com.
TLS certificate: Issued by R3 on March 20th 2023. Valid for: 3 months.

This is the only time recovery.seasonsbali.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	34.253.101.190 34.253.101.190	16509 (AMAZON-02) (AMAZON-02)
32	2600:9000:21f... 2600:9000:21f3:ba00:12:9e5f:cac0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	52.95.134.159 52.95.134.159	16509 (AMAZON-02) (AMAZON-02)
1	65.9.94.213 65.9.94.213	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	2600:9000:212... 2600:9000:2127:9c00:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.189.105 13.224.189.105	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	52.95.129.14 52.95.129.14	16509 (AMAZON-02) (AMAZON-02)
2	3.106.96.148 3.106.96.148	16509 (AMAZON-02) (AMAZON-02)
2	3.105.205.3 3.105.205.3	16509 (AMAZON-02) (AMAZON-02)
57	19

1 34.253.101.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-101-190.eu-west-1.compute.amazonaws.com

recovery.seasonsbali.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets-global.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.134.159 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com

s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.94.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-94-213.prg50.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2127:9c00:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-105.fra2.r.cloudfront.net

trkcall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.129.14 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com

d360-public-artefacts.s3.ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.106.96.148 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-106-96-148.ap-southeast-2.compute.amazonaws.com

s.trkcall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.105.205.3 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-105-205-3.ap-southeast-2.compute.amazonaws.com

es.engineroom.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	website-files.com assets-global.website-files.com — Cisco Umbrella Rank: 10641 assets.website-files.com — Cisco Umbrella Rank: 10598	1 MB
3	trkcall.com trkcall.com — Cisco Umbrella Rank: 306932 s.trkcall.com — Cisco Umbrella Rank: 356829	14 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25 region1.google-analytics.com — Cisco Umbrella Rank: 2388	20 KB
2	engineroom.com.au es.engineroom.com.au	2 KB
2	gstatic.com fonts.gstatic.com	91 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	139 KB
2	amazonaws.com s3-ap-southeast-2.amazonaws.com d360-public-artefacts.s3.ap-southeast-2.amazonaws.com	12 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 305 fonts.googleapis.com — Cisco Umbrella Rank: 34	7 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6069	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 76	355 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	11 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	30 KB
1	seasonsbali.com recovery.seasonsbali.com	9 KB
57	14

	Domain	Requested by
32	assets-global.website-files.com	recovery.seasonsbali.com assets-global.website-files.com
3	assets.website-files.com	assets-global.website-files.com
2	es.engineroom.com.au	d360-public-artefacts.s3.ap-southeast-2.amazonaws.com
2	s.trkcall.com	trkcall.com
2	www.google-analytics.com	www.googletagmanager.com recovery.seasonsbali.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	recovery.seasonsbali.com www.googletagmanager.com
1	d360-public-artefacts.s3.ap-southeast-2.amazonaws.com	www.googletagmanager.com
1	www.google.de	recovery.seasonsbali.com
1	www.google.com	recovery.seasonsbali.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	trkcall.com	www.googletagmanager.com
1	fonts.googleapis.com	ajax.googleapis.com
1	cdnjs.cloudflare.com	recovery.seasonsbali.com
1	d3e54v103j8qbb.cloudfront.net	recovery.seasonsbali.com
1	s3-ap-southeast-2.amazonaws.com	recovery.seasonsbali.com
1	ajax.googleapis.com	recovery.seasonsbali.com
1	recovery.seasonsbali.com
57	19

This site contains links to these domains. Also see Links.

Domain
www.rayhaderclinic.com.au
goo.gl
seasonsbali.org

Subject Issuer	Validity	Valid
recovery.seasonsbali.com R3	`2023-03-20` - `2023-06-18`	3 months	crt.sh
*.website-files.com Amazon RSA 2048 M01	`2023-02-23` - `2023-11-09`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.s3-ap-southeast-2.amazonaws.com Amazon	`2022-09-21` - `2023-09-05`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
trkcall.com Amazon RSA 2048 M02	`2023-03-02` - `2024-01-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.trkcall.com Amazon RSA 2048 M01	`2023-02-10` - `2023-05-21`	3 months	crt.sh
es.engineroom.com.au Amazon RSA 2048 M02	`2023-02-10` - `2023-09-29`	8 months	crt.sh

This page contains 1 frames:

Primary Page: https://recovery.seasonsbali.com/
Frame ID: 7F08258B0CA8A4C44E0367B48321124F
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Addiction Treatment | Life Changing Support | The Hader Clinic

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

100 %
HTTPS

63 %
IPv6

14
Domains

19
Subdomains

19
IPs

5
Countries

1484 kB
Transfer

2214 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.rayhaderclinic.com.au/

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/4AwGWoMP1seEocT57
Title: Jl Starlight, Lovina, banyualit, Anturan, Kec. Buleleng, Kabupaten Buleleng, Bali 81119, Indonesia

Search URL Search Domain Scan URL

URL: https://seasonsbali.org/
Title: Visit main site

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
recovery.seasonsbali.com/ 27 KB
9 KB 296ms
149ms Document
text/html 34.253.101.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.253.101.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-101-190.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dc8650a0c0001c56fbbf69981858299bfce144fb377ea7ef38b29a6918d35775

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-length: 8475
content-type: text/html
date: Mon, 20 Mar 2023 04:14:10 GMT
vary: Accept-Encoding,x-wf-forwarded-proto
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-cluster-name: eu-west-1-prod-edge-blue
x-served-by: cache-iad-kiad7000061-IAD, cache-dub4343-DUB
x-timer: S1679285650.129227,VS0,VE101

GET
H2 200 seasonsbali.3b6c1a207.min.css
assets-global.website-files.com/62560356437e763225bde05d/css/ 200 KB
31 KB 535ms
464ms Stylesheet
text/css 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6eb95f028f479be9122257907ef95815e7008e7acc9f9d211d23960a2986fbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:11 GMT
content-encoding: gzip
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
x-amz-version-id: 4yj2SLfoASF0sQSu6JVj3XQP8bAyersc
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 31529
last-modified: Sun, 27 Nov 2022 23:00:24 GMT
server: AmazonS3
etag: "dea23cb0ef7cfb7b9aba72a4c495cb8f"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: mpVc22ZpxjTsOEaORDmGvejqHkrGFpCTxUraiHtJcZZSy8rFUASc-w==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 12:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2024 12:31:43 GMT

GET
H/1.1 200
OK owlCarousel.min.css
s3-ap-southeast-2.amazonaws.com/d360-component-library/ 4 KB
4 KB 919ms
319ms Stylesheet
text/css 52.95.134.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-2.amazonaws.com/d360-component-library/owlCarousel.min.css
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.134.159 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6d06b60bb6fc41d6504dcdb18c00f480daa5558a8d37cdc01cd5397d92f3657c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: 4.vgvXB7CiiKbi3h6v2pmZo0CyewZhw8
Last-Modified: Tue, 03 Sep 2019 06:32:16 GMT
Server: AmazonS3
x-amz-request-id: 3TZDF4EC2GVSKBPP
ETag: "996bb1b8372561de98e0707ee8dccf55"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4168
x-amz-id-2: oRcK1y/F95Ar8R0WLDH3jxbSMQGCsFlC9d6piTeqsVL4dZLLXi9xu5lyVEr0QA7BXX+YqcC3OOo=

GET
H2 200 62560356437e760c3abde137_refund-primary.svg
assets-global.website-files.com/62560356437e763225bde05d/ 8 KB
4 KB 438ms
432ms Image
image/svg+xml 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/62560356437e760c3abde137_refund-primary.svg
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c6fc66a6305d342efa8fcbd6f26e11c3edf59d3dbfacbe91969da359cc939df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: kG_Rd1sMSZwNkuSeirCKSlXdexjMk4w2
content-encoding: br
last-modified: Tue, 12 Apr 2022 22:55:21 GMT
server: AmazonS3
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"80502b8cbd42758e6526ce95b600dcf2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: 0Z-8cThpgzdVY-zkxLDS6EDUpKHpgkILZEr1rLFSvioxpdvjDn5oGA==

GET
H2 200 62560356437e76b528bde13e_Plus.svg
assets-global.website-files.com/62560356437e763225bde05d/ 545 B
994 B 454ms
449ms Image
image/svg+xml 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/62560356437e76b528bde13e_Plus.svg
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6972dbe3dceb116d753bd85cccc3ee662ff5a0bd268879f79dc9996942a4fdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: Ba5B8K_GKpoD_EFk0OVFNJh7l1DQGe.e
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 12 Apr 2022 22:55:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "9608fbda067e77d8851c66d3d6df60f8"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 545
x-amz-cf-id: 9JbsY2EFnJlU2mBSIQpaaNQ_8pHXSCgaMtzCLPcZ93nAjq8n0GUIow==

GET
H2 200 625e07718caafd20b1b9a015_seasons-site-logo-min.png
assets-global.website-files.com/62560356437e763225bde05d/ 17 KB
17 KB 441ms
436ms Image
image/png 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/625e07718caafd20b1b9a015_seasons-site-logo-min.png
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c502fc65b9cf4866f9ba4eb229276fa182b88e36cd339a1ccf7b4ba915cb5ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: do9Pod.XMHGbe5M0kOZMhS7.SFBlJiBZ
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 19 Apr 2022 00:50:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "181027510758bb6a067ffda09b038a08"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 17428
x-amz-cf-id: 72lec_kiHQPolDjo-9egPO3tjv3Rb7u_gokj2cPIN3qtkxdSvtj1wA==

GET
H2 200 625e08f6b640400fb979fe6f_30-day.jpg
assets-global.website-files.com/62560356437e763225bde05d/ 31 KB
32 KB 443ms
438ms Image
image/jpeg 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/625e08f6b640400fb979fe6f_30-day.jpg
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50150fe4f08d43f4d59743e87d587756efb55b2a5827c86318b8c93410fbb1b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: rrVRVloHpFOUq58Bt96L2RCj6RxIPhyC
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 19 Apr 2022 00:57:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "09910fba0211c45c590d9c49e86d3177"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 32174
x-amz-cf-id: J6mEBev_j3BVlMboZawAS9sOVmoseh1wcnm-Y6Ty8x3e30iKB6UHhg==

GET
H2 200 627b48c8c3b6e4f9b3e383b1_beachfront-rehab-bali-lovina.jpg
assets-global.website-files.com/62560356437e763225bde05d/ 101 KB
102 KB 501ms
496ms Image
image/jpeg 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/627b48c8c3b6e4f9b3e383b1_beachfront-rehab-bali-lovina.jpg
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9682a45895b2187acc96b2e07d9c94d2a98df16a77cf04e286a06efc6346a10e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: IQreOmFSnFM6PyYYj6vHpb4f.kzsjy35
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Wed, 11 May 2022 05:25:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "be63f11f6d5cc2530b7da9b7a56f6082"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 103907
x-amz-cf-id: OLYLH_R36D0jXGTV_Aj946gDtbH2jDk98osqz8M56kuyiBhySrxUXw==

GET
H2 200 625e08f630c49b40ac78f958_90-day.jpg
assets-global.website-files.com/62560356437e763225bde05d/ 24 KB
25 KB 467ms
462ms Image
image/jpeg 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/625e08f630c49b40ac78f958_90-day.jpg
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ff803076a5d9854681070b419eb4daa3ac3c8e29c7ef91c936fd95802c0c48a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: K16PyWhH6Wh4TqTtef6VpxqAs_YqXqcj
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 19 Apr 2022 00:57:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "8c1e8407c4047b637136e28edf589638"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 25056
x-amz-cf-id: ddDbQAbdsjwW90fNveseGGbl_aI2qR2no3LA0CuSYoCcDVaA7zwP7Q==

GET
H2 200 625dfd1b8caafd3cbcb96582_video-thumbnail.jpg
assets-global.website-files.com/62560356437e763225bde05d/ 30 KB
30 KB 434ms
430ms Image
image/jpeg 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/625dfd1b8caafd3cbcb96582_video-thumbnail.jpg
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb543df82d77c37d370f840f2a990dab13c5ce414b43826ae3ec55c1e6a64e1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: 2PZKBxODfHRszPFXJweocuGQYUYHoYNe
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 19 Apr 2022 00:06:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "f3411d0e44ff5d222e4f789be8aace2e"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 30683
x-amz-cf-id: dWyLDod8sfpYMVVAfkFiLqv8SgC2URtUf5divTc_4hJm7qMOtgadkg==

GET
H2 200 62560356437e76df28bde0cb_play-square.svg
assets-global.website-files.com/62560356437e763225bde05d/ 500 B
949 B 453ms
449ms Image
image/svg+xml 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/62560356437e76df28bde0cb_play-square.svg
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0d0c2afafc0a23cf5bc0a18558026c6fec693ec9e94f0e47e434ccc6ae669e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: e5F5DuwrcJ3Fm0SSQsD6NfvbcRyq7pRK
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 12 Apr 2022 22:55:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "393e206eb619ddd04912458da6869e0a"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 500
x-amz-cf-id: jfFCqJfEvIBMAwqqxqH40kvshnUZX6qcpe2A-OW0Lt_xsJE1NNkTPg==

GET
H2 200 62560356437e76eb8bbde125_need-help.png
assets-global.website-files.com/62560356437e763225bde05d/ 17 KB
17 KB 447ms
443ms Image
image/png 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/62560356437e76eb8bbde125_need-help.png
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f86a281be909c29a424d24ec2290310abaea8ac6af3ad1ebcacaf9e3ba9c0693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: kAP7ZhNSq.q2iuuAt.sXzWg0O0m2zU6z
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 12 Apr 2022 22:55:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "f1eceee1860707000910d607e8fe9066"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 17446
x-amz-cf-id: 985CWXR_f7qkDP5PPNTrBzDikIkKAYq0ddG05OO8Tc_RJ4ukSzsVrA==

GET
H2 200 62560356437e76d4c5bde126_reach-out.png
assets-global.website-files.com/62560356437e763225bde05d/ 18 KB
19 KB 470ms
467ms Image
image/png 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/62560356437e76d4c5bde126_reach-out.png
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 449b670da11ca45718e7b8845913266b73d8323771776fe92cd6dafacf95befe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: Zbzx_hgPqucZeS4qz2RJItgtBFg7DBQx
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 12 Apr 2022 22:55:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "1fd1619c134086854565a93373e00235"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 18480
x-amz-cf-id: msN6IKS8cVxa5lSec-qIOrq8ANoGJP1qTYbHYc2HElgripe8jwDXjw==

GET
H2 200 62560356437e76ab3dbde12a_talk-to-us.png
assets-global.website-files.com/62560356437e763225bde05d/ 18 KB
19 KB 65ms
62ms Image
image/png 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/62560356437e76ab3dbde12a_talk-to-us.png
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edd0f1639a0b3e4e18295efd279ca92e2f7cc184738e7e24c5a0d5204d42d962

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 08:18:15 GMT
x-amz-version-id: cIuGcefiuDiU9SFN31tfxSxS2bbE7i0x
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
age: 71757
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18754
last-modified: Tue, 12 Apr 2022 22:55:21 GMT
server: AmazonS3
etag: "edf9b59ab1ecd856e6fc64cf8db48469"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 2ziCwaqnJ-PKSkj4SjGLDvWDbpLgOYRAivKCeo2gS2xFEt7lPI3RQQ==

GET
H2 200 62560356437e764486bde0d5_nine.png
assets-global.website-files.com/62560356437e763225bde05d/ 1 KB
2 KB 440ms
437ms Image
image/png 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/62560356437e764486bde0d5_nine.png
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3530e30b552048a19d0e436e146b4a7f5fa3580085322295ff58d5ff929b42b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: 9noa9XY7CPRL8Ce6yw79bq85AA5RtzlV
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 12 Apr 2022 22:55:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "201f8827d485e9b9a117710cad99524a"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 1531
x-amz-cf-id: 8WYLOfal7v4BkVo0DikEQI-gKbrk-ZC9rUS77Avof7fRvLvN-OzZ6A==

GET
H2 200 62560356437e7650fbbde0d3_the%20age.png
assets-global.website-files.com/62560356437e763225bde05d/ 4 KB
4 KB 48ms
45ms Image
image/png 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/62560356437e7650fbbde0d3_the%20age.png
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 319dcb35d1874a07e23110012f220aad720365d1bc7a4e93fa84ed39d992e594

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 08:18:16 GMT
x-amz-version-id: eewqAiYXMfgBjC08i_TZ2rS7xig9Zydn
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
age: 71756
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3828
last-modified: Tue, 12 Apr 2022 22:55:21 GMT
server: AmazonS3
etag: "4c38f7f24ff70fe18148e5d1838b5c60"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: aW7Az5F2hKQCUQ3NYOWa1qkBY1lNxbMig_4SgSQpA5is0Qz7Odp4MQ==

GET
H2 200 62560356437e76762ebde0d2_sbs.png
assets-global.website-files.com/62560356437e763225bde05d/ 2 KB
3 KB 464ms
462ms Image
image/png 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/62560356437e76762ebde0d2_sbs.png
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7fa22b9a773c53ca1a6e950e18586b401b052d0d4004c10673c9de216c315428

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: suP9ktYnRn09HEAw.3rRImsu1CRVjis1
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 12 Apr 2022 22:55:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "74c2de813cc170e3b0553981cf43f4b7"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 2461
x-amz-cf-id: SGr3zIWEZVAsf1tNBk7gg7Wjfr8uJp4MTXfrJ1awzvyENAnmigrIyw==

GET
H2 200 62560356437e76da61bde0ea_herald%20sun.png
assets-global.website-files.com/62560356437e763225bde05d/ 2 KB
3 KB 463ms
461ms Image
image/png 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/62560356437e76da61bde0ea_herald%20sun.png
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31e8c1547acb747dcdb8b9355262e701559d272ad49e05880c45c7824158e2b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: Gwlu6Hhb5QHijLG4cVxbpm1jeJBjYOlT
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 12 Apr 2022 22:55:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "84b6d09ec6aa59d695acd7c22cdf9220"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 2293
x-amz-cf-id: D2S4vD6hqCOi8yqyKkJgHSmOhu6zg3pcmWMxT-Zs4e1PwH0UJBAXhg==

GET
H2 200 62560356437e762fc9bde0d1_3aw%20news%20talk.png
assets-global.website-files.com/62560356437e763225bde05d/ 3 KB
4 KB 49ms
47ms Image
image/png 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/62560356437e762fc9bde0d1_3aw%20news%20talk.png
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bffed6cdf0cc6d0973d0c74ef6e2f0c9dcc3bd21f0c3e476f8ef1984856c7261

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 08:18:18 GMT
x-amz-version-id: 3wIUkV0U3.MeoXjSxieS1MnbfRPc.f9u
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
age: 71754
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3463
last-modified: Tue, 12 Apr 2022 22:55:20 GMT
server: AmazonS3
etag: "d6e337a38199de3a2f91cbbaf712a55e"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: XJxzPZUciLZZKroKkkpQIZ-LXupjyTeIu-5QtIdJzh6QFwixVmud_Q==

GET
H2 200 625e079019656d05bd0360d7_cropped-seasons-site-logo-F-3-black-min.png
assets-global.website-files.com/62560356437e763225bde05d/ 19 KB
19 KB 461ms
460ms Image
image/png 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/625e079019656d05bd0360d7_cropped-seasons-site-logo-F-3-black-min.png
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aca208590328e919d0c63b09275a9501129b500f158fb0f38b98ba49ba08f320

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: Z3JTVhfQT2KDGnUAdt9MIZCHJUto23JO
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 19 Apr 2022 00:51:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "0281e5859957218cd99221eab3e64d74"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 19288
x-amz-cf-id: WoyBocHDvVupsOVAjxUNva0ywRYuPSj9E8ONBNJM3WKrZKodc69c3A==

GET
H2 200 62560356437e76e53dbde0ce_BSI-Assurance-Mark-ISO-9001-KEYB-1.png
assets-global.website-files.com/62560356437e763225bde05d/ 15 KB
16 KB 467ms
466ms Image
image/png 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/62560356437e76e53dbde0ce_BSI-Assurance-Mark-ISO-9001-KEYB-1.png
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86a7d17740118a5a463c8988e77d12ad62539f9d5cec28c05a40e9e79039d867

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: V69JAPVsgNLvojZR3V50MlcJlrUeN9cA
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 12 Apr 2022 22:55:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "f342ff90beec1831bb20fef3e6757aaf"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 15556
x-amz-cf-id: T4Wq-xe-EFdI24byIhnrR_XQat9CCd0gun7BdmSkPHq5vmoh4D29ug==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
30 KB 99ms
32ms Script
application/javascript 65.9.94.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=62560356437e763225bde05d
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-213.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://recovery.seasonsbali.com/
Origin: https://recovery.seasonsbali.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 23:17:20 GMT
content-encoding: br
via: 1.1 d9c696d6d0c92f63870873ced2895baa.cloudfront.net (CloudFront)
age: 17816
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: HLQQmmh9ojZW2pc8_1e10RaI5E2m2tWh0yRWeB4h6CCuGaV54g0nDg==

GET
H2 200 seasonsbali.1a9a8de5b.js Show response
assets-global.website-files.com/62560356437e763225bde05d/js/ 216 KB
66 KB 474ms
473ms Script
text/javascript 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/js/seasonsbali.1a9a8de5b.js
Requested by: Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cd07fa79debd380bb0d2162fbba9f0ed9f4be56a8da8be2381802cc2d1bbe9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
content-encoding: gzip
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
x-amz-version-id: HN0gtulGXZeWIlwHHbJ09O1Th7Jbcxha
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 67496
last-modified: Sun, 27 Nov 2022 23:00:24 GMT
server: AmazonS3
etag: "52f0717885bcdf27bd5c916b7380fe8b"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: EuopDIkWwBDwTQluXWPLYLLVduP_Sqjh4IKOlumzuFgUJ-X6HGkYgQ==

GET
H2 200 owl.carousel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/ 43 KB
11 KB 69ms
24ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js

Requested by

Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3317000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10158
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-ad36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUXbrLdJRO95PaWaVEPfHE%2FXZJxVVHFcFN%2F6zZNch%2BfNwIstUKvt6y3dc4jGV5sg5kzHfFOlnM6qcFHS6IR7OreUttjRNknMcOjmKRqSNgXyL10itdD4zzMhxY34gICeZS5LKxTeDfyPDeG7q5A7TOcp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7aab20783a2c2bc5-FRA
expires: Sat, 09 Mar 2024 04:14:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 84ms
33ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Mar 2023 04:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 02:16:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Mar 2023 04:14:10 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 170 KB
60 KB 95ms
38ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WR5MBSN

Requested by

Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

75f6f6cac89bb8f4e234b8246d883c57f0cfc3107b30b26b2f7ae7922c7d8c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60606
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Mar 2023 04:14:11 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 71ms
20ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recovery.seasonsbali.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 05:05:33 GMT
x-content-type-options: nosniff
age: 342518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 05:05:33 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 47 KB
47 KB 98ms
47ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recovery.seasonsbali.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:32:46 GMT
x-content-type-options: nosniff
age: 211285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47952
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Mar 2024 17:32:46 GMT

GET
H2 200 62560356437e76c2dcbde0e7_Icon%20Arrow%20Right.svg
assets-global.website-files.com/62560356437e763225bde05d/ 841 B
1 KB 469ms
468ms Image
image/svg+xml 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/62560356437e76c2dcbde0e7_Icon%20Arrow%20Right.svg
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d926849a0293e865cb2c5fa4fab62790a8af4d0e96d57cb981a74854862bc93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: TDfgXZy2YcMpojIewolF.2EEKi0xsoc1
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 12 Apr 2022 22:55:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "9c5db8ae99d1a928ea089e9e0710fadf"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 841
x-amz-cf-id: Vy2-4rPsRSUeAuh04zlV1ykkp_4ZFw3B75fcRF6lqkgEarQ_2G2Eyw==

GET
H2 200 625dfd8f284266bacf245104_header-banner-3.jpg
assets-global.website-files.com/62560356437e763225bde05d/ 168 KB
168 KB 477ms
477ms Image
image/jpeg 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/625dfd8f284266bacf245104_header-banner-3.jpg
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fc002553cb866e35f33637674b2e6499976f85da314e3d4baac0c474ac9d6ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: Rs.4LUAdWsA2Pgc3gJsNVvULKVRJ4J0V
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 19 Apr 2022 00:08:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "d2928cbe68bffe73fccdbab9c8d7e8d6"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 171587
x-amz-cf-id: _U8nxj6CZ65JViI2-mQ3xpPe0ZucTqLIfkngEPrvRVvtAosUybw7fA==

GET
H2 200 62560356437e76ab7fbde130_77%20Essential%20Icons%20Tick.svg
assets-global.website-files.com/62560356437e763225bde05d/ 773 B
1 KB 179ms
178ms Image
image/svg+xml 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/62560356437e76ab7fbde130_77%20Essential%20Icons%20Tick.svg
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0652c346de7d90c31f6fae07f98b673e7f737684c9079267e8e790e49f983129

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: AKVmp5ZysAfAB0v8lsTT1raCsQEblLz1
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 12 Apr 2022 22:55:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "2936900ac87c3d23d5615b2d7526661f"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 773
x-amz-cf-id: kJDoMQR9ZA9ij3IV4r_XT8OM1MwtJpA-ZMKK7na8mrhkDNz-nKKYGw==

GET
H2 200 625f48b3be2c176c9eb75d65_phone-icon-blue.png
assets-global.website-files.com/62560356437e763225bde05d/ 4 KB
4 KB 440ms
437ms Image
image/png 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/625f48b3be2c176c9eb75d65_phone-icon-blue.png
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f2b64367f757070168befdd217afee6fbf59ce740e9c9a1b71afdaeb870bb4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: N2A9tBR1peW1kx8DMBwUnadT.ainWKJj
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 19 Apr 2022 23:41:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "248f4b68a3f4a1471183fd7c191fb9b3"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 3967
x-amz-cf-id: EGVtNlNod-uwMNpPP6HZfbdL58tOhW7kfkZJVYm0DVLndY49VqCADA==

GET
H2 200 625df80b4cac28f80a3cfb4a_activities.jpg
assets-global.website-files.com/62560356437e763225bde05d/ 18 KB
19 KB 445ms
441ms Image
image/jpeg 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/625df80b4cac28f80a3cfb4a_activities.jpg
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a486e6238a8b9b9817c35066ba7bfab5cffc10059246c6383a4abb3ec3a06cfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: ExfAmjFsspQmSdQ8YXSk9PATBGjNd4ZV
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Mon, 18 Apr 2022 23:45:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "8d403c64757c58590f32c92daac47b95"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 18530
x-amz-cf-id: EdIqVQjY7pHwdBoQIshIr8lP4aQ2HB8C0zlqv1bZaurjWkgYkLjAMw==

GET
H2 200 627b47d65df6449b722af15d_Seasons-Bali-rehab-4-scaled(1).jpg
assets-global.website-files.com/62560356437e763225bde05d/ 19 KB
19 KB 467ms
464ms Image
image/jpeg 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/627b47d65df6449b722af15d_Seasons-Bali-rehab-4-scaled(1).jpg
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bab45698394c0faacd7a74498ae8bc823a91a46f788b3c87c3527420c4f1522f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: Vlpexr.910H5QydoWhncI_XdcXW0KI4i
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Wed, 11 May 2022 05:21:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "0cd4d7ebff192d38ae6b45e887fcbcc8"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 19437
x-amz-cf-id: h8APN-gNEhvgBDNKvHF0fUOWz3vwO887fqlH8ZWGyreYrk1g-UQMeA==

GET
H2 200 625df80bbe4eb079a847fbc9_medical-assistance.jpg
assets-global.website-files.com/62560356437e763225bde05d/ 13 KB
14 KB 165ms
162ms Image
image/jpeg 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/625df80bbe4eb079a847fbc9_medical-assistance.jpg
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c5b261244727ff8a2a841a1f8a7f9112a681facb8ff077753d3489efcb44f7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: v9vuMoy3wA6PWqn2475b59JbLJuEZR55
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Mon, 18 Apr 2022 23:45:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "45991df3631c10da1967cb73273bf545"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 13530
x-amz-cf-id: fBGXMtcHe9fgz8G0wF1pwZSf3PslX1pYOtywvQl0ueKwqLdXkBuD6Q==

GET
H2 200 627b47d647e89c073058080c_Seasons-Bali-rehab-4-scaled.jpg
assets-global.website-files.com/62560356437e763225bde05d/ 21 KB
22 KB 459ms
457ms Image
image/jpeg 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/627b47d647e89c073058080c_Seasons-Bali-rehab-4-scaled.jpg
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3cae0d84b03beff3ff1c01cee91a194cac3d6dc22097dd0d71ce9001dd642354

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: hkZ3eio0WIgteEGdkC5_0MF3_psOy8IO
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Wed, 11 May 2022 05:21:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "e0237b0ec8497d7c4317017ef676e4b6"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 21935
x-amz-cf-id: Gzor1m7L-HZek4gGGMP5Qc5FUjQVHGd_qHOa4X9pAlmAXsbvQCgwuw==

GET
H2 200 625e05256c4d294ab826ae8f_background-bali.jpg
assets-global.website-files.com/62560356437e763225bde05d/ 80 KB
81 KB 494ms
491ms Image
image/jpeg 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/625e05256c4d294ab826ae8f_background-bali.jpg
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4774a6e04959390c684adf1837db42b3822125b206bc9d90efdc2248ed3a71e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: FuRI3y1xtk9LSqdaxR30G7J2BYuFzfm3
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 19 Apr 2022 00:41:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "a0aac4d4e1199011a59d1749bf79e307"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 82090
x-amz-cf-id: TOUcwd0iA6WhNzm-u7cNChioiobPwgNLhgbK7kwNuCstIhnP5VAgKQ==

GET
H2 200 62560356437e764270bde11e_process-background.svg
assets-global.website-files.com/62560356437e763225bde05d/ 144 B
591 B 444ms
442ms Image
image/svg+xml 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/62560356437e764270bde11e_process-background.svg
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d751254e4aee5b622a4af77d14817e614c33800559b0e54c636e2a750d6f7e6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: XgWb_yA7WJbKqr_yPd10ENa5YXE8ovJw
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 12 Apr 2022 22:55:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "7c765bae26b5e29809b957c5a2249fae"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 144
x-amz-cf-id: OzbUAqY697a1AQ8SJDRPssl-JYV1eenGQJ5n6zr3taQlTCvzxi138g==

GET
H2 200 627b4945f197ffd55bd32220_Seasons-Bali-rehab-12-scaled.jpg
assets-global.website-files.com/62560356437e763225bde05d/ 307 KB
307 KB 494ms
492ms Image
image/jpeg 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/627b4945f197ffd55bd32220_Seasons-Bali-rehab-12-scaled.jpg
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40aa812ceea290731c6f2360eb14b41219e9878ce3b7b823710ae6cce94773a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: hgEUMtiulZcpDcd9VNziZvqXsI5IhIEm
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Wed, 11 May 2022 05:27:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "fbe8fe3d05656f5359197961ad872f18"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 313884
x-amz-cf-id: 7GLdny6aDWrINRZ5XrhVsAK69Dfjvm5DMGV-V7eNgT7iQHO8hxuoiA==

GET
H2 200 62560356437e763e82bde0cf_Email%20Outline.svg
assets-global.website-files.com/62560356437e763225bde05d/ 535 B
990 B 37ms
35ms Image
image/svg+xml 2600:9000:21f3:ba00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/62560356437e763225bde05d/62560356437e763e82bde0cf_Email%20Outline.svg
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d48c0c8c991f6f60ef504c092a98cb14aa330de4ae10a9eb5acd04de30c21b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 08:18:26 GMT
x-amz-version-id: NxwYFg5cclAqQgPvsWxW.GcdjKztMUgB
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
age: 71746
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 535
last-modified: Tue, 12 Apr 2022 22:55:20 GMT
server: AmazonS3
etag: "0c33f7e05802ae3e7a18654b5e3d42df"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: gIe8mZm7uWc0oMQa7lVASz6EukeTrnkQtomk6F_j9drj5xOIV-L2ig==

GET
H2 200 62560356437e767495bde0c4_a.woff
assets.website-files.com/62560356437e763225bde05d/ 30 KB
31 KB 558ms
460ms Font
application/x-font-woff 2600:9000:2127:9c00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/62560356437e763225bde05d/62560356437e767495bde0c4_a.woff
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:9c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8d612aacc2e14d3d52741f04530cebee5f3c860c00acbc9065f339c48cdd0f1

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://recovery.seasonsbali.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: 9kXjSp4PewIXZ1P8RCSNE2qIp4kuFTL5
via: 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 30756
last-modified: Tue, 12 Apr 2022 22:55:20 GMT
server: AmazonS3
etag: "04a0ff555a2ed64a394ec4666d54c045"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: rNT-fC1Bk34Nwnsep2H3JWpc1jMXIqNATrwpW3piJwBeFCMcyQIcPA==

GET
H2 200 62560356437e76a8e0bde0c2_a-2.woff
assets.website-files.com/62560356437e763225bde05d/ 32 KB
33 KB 560ms
462ms Font
application/x-font-woff 2600:9000:2127:9c00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/62560356437e763225bde05d/62560356437e76a8e0bde0c2_a-2.woff
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:9c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95eadb0d630eb470ce21459d9070c5d5d4b40a1582f6a5d10813fd75e0c3f098

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://recovery.seasonsbali.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: YucFIKVJ.m12svg4NphiC.CXejNLA7FG
via: 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 32772
last-modified: Tue, 12 Apr 2022 22:55:20 GMT
server: AmazonS3
etag: "1098c9e904648ae8581e766d88723efb"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: tDC25AVPyjNy6_vuHjll6by0clcr5xlLDrxr6Py8MwgwcD3wvhLlvg==

GET
H2 200 62560356437e760833bde0c3_a-1.woff
assets.website-files.com/62560356437e763225bde05d/ 30 KB
31 KB 584ms
485ms Font
application/x-font-woff 2600:9000:2127:9c00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/62560356437e763225bde05d/62560356437e760833bde0c3_a-1.woff
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/62560356437e763225bde05d/css/seasonsbali.3b6c1a207.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:9c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7cd954c35c7695a603f3831a889f16c9e265986f8b76fd5d45f6ea6505b6d621

Request headers

Referer: https://assets-global.website-files.com/
Origin: https://recovery.seasonsbali.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:12 GMT
x-amz-version-id: vzI4GB33wLY4WKO.CjQW17eLYegdsxTM
via: 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 30696
last-modified: Tue, 12 Apr 2022 22:55:20 GMT
server: AmazonS3
etag: "3237f0a080729d7f8c195184145986a4"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: C23E6R9YGTY66DSuT2S9XvdLqVk0k4cEe4TpnT0o6CL0EaUR6hHxGw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WR5MBSN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Mar 2023 02:23:33 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6638
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 20 Mar 2023 04:23:33 GMT

GET
H2 200 94392.js Show response
trkcall.com/scripts/ 14 KB
14 KB 1314ms
1163ms Script
application/octet-stream 13.224.189.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trkcall.com/scripts/94392.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WR5MBSN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-105.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 109ba8f2d219337a9eb90279d3655b1dd64aa50b240ffb3377f138b56279da65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:13 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
last-modified: Wed, 28 Sep 2022 07:00:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "9a63a6bf1a49a49a3874849048cdd2f7"
x-cache: Miss from cloudfront
content-type: application/octet-stream
accept-ranges: bytes
content-length: 13907
x-amz-cf-id: ue-wFdmazWSiKa23vCP8Z2G1NQnZta7TGYwueHKOb_ANU9ulGmYeaw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
79 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GZF8PJ9XKT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WR5MBSN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63b907a4002c60427a181e22a2ceb0013e578c623b6558b73c32d15f1813e10b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80729
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 Mar 2023 04:14:11 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 134ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GZF8PJ9XKT&gtm=45je33f0&_p=863199239&cid=372002901.1679285651&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679285651&sct=1&seg=0&dl=https%3A%2F%2Frecovery.seasonsbali.com%2F&dt=Addiction%20Treatment%20%7C%20Life%20Changing%20Support%20%7C%20The%20Hader%20Clinic&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GZF8PJ9XKT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 04:14:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://recovery.seasonsbali.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
355 B 117ms
27ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-28923865-9&cid=372002901.1679285651&jid=189134312&gjid=1303951386&_gid=1233991875.1679285651&_u=YCDAgEABAAAAAEAAI~&z=232225174

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://recovery.seasonsbali.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 Mar 2023 04:14:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://recovery.seasonsbali.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 21ms
20ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=863199239&t=pageview&_s=1&dl=https%3A%2F%2Frecovery.seasonsbali.com%2F&ul=en-us&de=UTF-8&dt=Addiction%20Treatment%20%7C%20Life%20Changing%20Support%20%7C%20The%20Hader%20Clinic&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAAAAI~&jid=189134312&gjid=1303951386&cid=372002901.1679285651&tid=UA-28923865-9&_gid=1233991875.1679285651&gtm=45He33f0n81WR5MBSN&z=2031527828

Requested by

Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Mar 2023 16:06:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43639
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 82ms
33ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28923865-9&cid=372002901.1679285651&jid=189134312&_u=YCDAgEABAAAAAEAAI~&z=593887174

Requested by

Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 04:14:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 83ms
33ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-28923865-9&cid=372002901.1679285651&jid=189134312&_u=YCDAgEABAAAAAEAAI~&z=593887174

Requested by

Host: recovery.seasonsbali.com
URL: https://recovery.seasonsbali.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Mar 2023 04:14:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK es.min.js.gz Show response
d360-public-artefacts.s3.ap-southeast-2.amazonaws.com/ 7 KB
7 KB 919ms
310ms Script
application/javascript 52.95.129.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d360-public-artefacts.s3.ap-southeast-2.amazonaws.com/es.min.js.gz
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WR5MBSN
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.129.14 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 018badad75a9c562cc949037cb4c95a64cab1b117b3d9b0b6c2ec7a3b4d6888f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 20 Mar 2023 04:14:13 GMT
x-amz-version-id: .qlOayh5LNq0lTOOA.LjYz5v2s6IIR2p
Last-Modified: Tue, 31 May 2022 02:45:15 GMT
Server: AmazonS3
x-amz-request-id: CRT670182TQR6MJM
ETag: "d551354b4bdfe30c78969e40b3811416"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 6960
x-amz-id-2: mzXXjU/tClX8Wlv1BuomJyS9umBtdJfXOZgeAiAbV2gOwLBonXT8sAbV21KeOcn0xZBjB3Vt1dw=

GET
H2 200 user Show response
s.trkcall.com/v4/9439272188903/ 17 B
218 B 910ms
298ms XHR
application/json 3.106.96.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trkcall.com/v4/9439272188903/user
Requested by: Host: trkcall.com
URL: https://trkcall.com/scripts/94392.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.106.96.148 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-106-96-148.ap-southeast-2.compute.amazonaws.com
Software: WildJar-3.1.6 /
Resource Hash: 93829fbb8e18eccbf072892922b18bcd403286ce100254d675f4ed4fe6f945d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 04:14:13 GMT
server: WildJar-3.1.6
etag: 16792856530
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: private, must-revalidate, proxy-revalidate, max-age=86400
content-length: 17

GET
H2 200 / Show response
s.trkcall.com/v3/ 31 B
194 B 921ms
310ms XHR
text/html 3.106.96.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trkcall.com/v3/?code=94392&da=none&p=https%3A%2F%2Frecovery.seasonsbali.com%2F&m=(none)&s=(direct)&usr=372002901.1679285651&tid=G-GZF8PJ9XKT
Requested by: Host: trkcall.com
URL: https://trkcall.com/scripts/94392.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.106.96.148 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-106-96-148.ap-southeast-2.compute.amazonaws.com
Software: WildJar-3.1.6 /
Resource Hash: fb8dc7b32d607f07b302c26701b1952d5126f43227cd84de5f84b3e2867fd6a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://recovery.seasonsbali.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: https://recovery.seasonsbali.com
date: Mon, 20 Mar 2023 04:14:13 GMT
access-control-allow-credentials: true
server: WildJar-3.1.6
content-type: text/html; charset=UTF-8

OPTIONS
H2 200 process
es.engineroom.com.au/track/ 0
0 1088ms
453ms Preflight
text/html 3.105.205.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://es.engineroom.com.au/track/process
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.105.205.3 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-105-205-3.ap-southeast-2.compute.amazonaws.com
Software: nginx / PHP/8.0.5
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://recovery.seasonsbali.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With, Content-Type, X-Token-Auth, Authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 20 Mar 2023 04:14:13 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.0.5

POST
H2 200 process Show response
es.engineroom.com.au/track/ 558 B
2 KB 429ms
429ms XHR
application/json 3.105.205.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://es.engineroom.com.au/track/process
Requested by: Host: d360-public-artefacts.s3.ap-southeast-2.amazonaws.com
URL: https://d360-public-artefacts.s3.ap-southeast-2.amazonaws.com/es.min.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.105.205.3 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-105-205-3.ap-southeast-2.compute.amazonaws.com
Software: nginx / PHP/8.0.5
Resource Hash: 42dce3978e4b4f5d56f20f2c0b404bdcbad9673c71231451f11f0a45bccde211

Request headers

Referer: https://recovery.seasonsbali.com/
x-requested-with: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 20 Mar 2023 04:14:14 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/8.0.5
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: X-Requested-With, Content-Type, X-Token-Auth, Authorization

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.seasonsbali.com/	1970-01-20 20:04:05	Name: _ga_GZF8PJ9XKT Value: GS1.1.1679285651.1.0.1679285651.0.0.0
.seasonsbali.com/	1970-01-20 20:04:05	Name: _ga Value: GA1.2.372002901.1679285651
.seasonsbali.com/	1970-01-20 10:29:32	Name: _gid Value: GA1.2.1233991875.1679285651
.seasonsbali.com/	1970-01-20 10:28:05	Name: _dc_gtm_UA-28923865-9 Value: 1
.recovery.seasonsbali.com/	1970-01-20 12:37:41	Name: _Wtr._ Value: eyJtIjoiKG5vbmUpIiwicyI6IihkaXJlY3QpIiwidXNyIjoiMzcyMDAyOTAxLjE2NzkyODU2NTEiLCJ0aWQiOiJHLUdaRjhQSjlYS1QifQ==
recovery.seasonsbali.com/	1970-01-20 12:37:41	Name: _d360 Value: eyJIYXNoIjoiZmVhZDgyNGY3MmVhOGMwZmI0MDkwMWRkMTJiMDM4YWFjOTBiYzM1YzRjNGIxMzNmMGEiLCJVc2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTExLjAuNTU2My42NCBTYWZhcmkvNTM3LjM2IiwiUmVtb3RlQWRkcmVzcyI6IiIsIlJlZmVyZXIiOiIiLCJDYW1wYWlnbiI6IiIsIkxhbmRpbmdQYWdlIjoiaHR0cHM6Ly9yZWNvdmVyeS5zZWFzb25zYmFsaS5jb20vIiwiU291cmNlIjoiZGlyZWN0IiwiQ2hhbm5lbCI6InJlZGlyZWN0In0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets-global.website-files.com
assets.website-files.com
cdnjs.cloudflare.com
d360-public-artefacts.s3.ap-southeast-2.amazonaws.com
d3e54v103j8qbb.cloudfront.net
es.engineroom.com.au
fonts.googleapis.com
fonts.gstatic.com
recovery.seasonsbali.com
region1.google-analytics.com
s.trkcall.com
s3-ap-southeast-2.amazonaws.com
stats.g.doubleclick.net
trkcall.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.224.189.105
2001:4860:4802:32::36
2600:9000:2127:9c00:11:3b84:d200:93a1
2600:9000:21f3:ba00:12:9e5f:cac0:93a1
2606:4700::6811:180e
2a00:1450:4001:801::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::2008
2a00:1450:4001:811::200a
2a00:1450:4001:82a::200a
2a00:1450:400c:c0c::9c
3.105.205.3
3.106.96.148
34.253.101.190
52.95.129.14
52.95.134.159
65.9.94.213
018badad75a9c562cc949037cb4c95a64cab1b117b3d9b0b6c2ec7a3b4d6888f
0652c346de7d90c31f6fae07f98b673e7f737684c9079267e8e790e49f983129
109ba8f2d219337a9eb90279d3655b1dd64aa50b240ffb3377f138b56279da65
1cd07fa79debd380bb0d2162fbba9f0ed9f4be56a8da8be2381802cc2d1bbe9c
2c502fc65b9cf4866f9ba4eb229276fa182b88e36cd339a1ccf7b4ba915cb5ef
2c6fc66a6305d342efa8fcbd6f26e11c3edf59d3dbfacbe91969da359cc939df
2fc002553cb866e35f33637674b2e6499976f85da314e3d4baac0c474ac9d6ed
319dcb35d1874a07e23110012f220aad720365d1bc7a4e93fa84ed39d992e594
31e8c1547acb747dcdb8b9355262e701559d272ad49e05880c45c7824158e2b0
3530e30b552048a19d0e436e146b4a7f5fa3580085322295ff58d5ff929b42b7
3c5b261244727ff8a2a841a1f8a7f9112a681facb8ff077753d3489efcb44f7e
3cae0d84b03beff3ff1c01cee91a194cac3d6dc22097dd0d71ce9001dd642354
40aa812ceea290731c6f2360eb14b41219e9878ce3b7b823710ae6cce94773a5
42dce3978e4b4f5d56f20f2c0b404bdcbad9673c71231451f11f0a45bccde211
449b670da11ca45718e7b8845913266b73d8323771776fe92cd6dafacf95befe
4774a6e04959390c684adf1837db42b3822125b206bc9d90efdc2248ed3a71e4
47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab
50150fe4f08d43f4d59743e87d587756efb55b2a5827c86318b8c93410fbb1b5
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
63b907a4002c60427a181e22a2ceb0013e578c623b6558b73c32d15f1813e10b
6d06b60bb6fc41d6504dcdb18c00f480daa5558a8d37cdc01cd5397d92f3657c
6d48c0c8c991f6f60ef504c092a98cb14aa330de4ae10a9eb5acd04de30c21b9
6f2b64367f757070168befdd217afee6fbf59ce740e9c9a1b71afdaeb870bb4a
75f6f6cac89bb8f4e234b8246d883c57f0cfc3107b30b26b2f7ae7922c7d8c3c
7cd954c35c7695a603f3831a889f16c9e265986f8b76fd5d45f6ea6505b6d621
7d926849a0293e865cb2c5fa4fab62790a8af4d0e96d57cb981a74854862bc93
7fa22b9a773c53ca1a6e950e18586b401b052d0d4004c10673c9de216c315428
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86a7d17740118a5a463c8988e77d12ad62539f9d5cec28c05a40e9e79039d867
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8ff803076a5d9854681070b419eb4daa3ac3c8e29c7ef91c936fd95802c0c48a
93829fbb8e18eccbf072892922b18bcd403286ce100254d675f4ed4fe6f945d6
95eadb0d630eb470ce21459d9070c5d5d4b40a1582f6a5d10813fd75e0c3f098
9682a45895b2187acc96b2e07d9c94d2a98df16a77cf04e286a06efc6346a10e
a486e6238a8b9b9817c35066ba7bfab5cffc10059246c6383a4abb3ec3a06cfc
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
aca208590328e919d0c63b09275a9501129b500f158fb0f38b98ba49ba08f320
bab45698394c0faacd7a74498ae8bc823a91a46f788b3c87c3527420c4f1522f
bb543df82d77c37d370f840f2a990dab13c5ce414b43826ae3ec55c1e6a64e1d
bffed6cdf0cc6d0973d0c74ef6e2f0c9dcc3bd21f0c3e476f8ef1984856c7261
c8d612aacc2e14d3d52741f04530cebee5f3c860c00acbc9065f339c48cdd0f1
d0d0c2afafc0a23cf5bc0a18558026c6fec693ec9e94f0e47e434ccc6ae669e7
d751254e4aee5b622a4af77d14817e614c33800559b0e54c636e2a750d6f7e6f
dc8650a0c0001c56fbbf69981858299bfce144fb377ea7ef38b29a6918d35775
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6eb95f028f479be9122257907ef95815e7008e7acc9f9d211d23960a2986fbd
edd0f1639a0b3e4e18295efd279ca92e2f7cc184738e7e24c5a0d5204d42d962
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6972dbe3dceb116d753bd85cccc3ee662ff5a0bd268879f79dc9996942a4fdf
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f86a281be909c29a424d24ec2290310abaea8ac6af3ad1ebcacaf9e3ba9c0693
fb8dc7b32d607f07b302c26701b1952d5126f43227cd84de5f84b3e2867fd6a0

recovery.seasonsbali.com Open in urlscan Pro 34.253.101.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

63 %IPv6

14 Domains

19 Subdomains

19 IPs

5 Countries

1484 kBTransfer

2214 kBSize

6 Cookies

3 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

recovery.seasonsbali.com Open in urlscan Pro
34.253.101.190 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

63 %
IPv6

14
Domains

19
Subdomains

19
IPs

5
Countries

1484 kB
Transfer

2214 kB
Size

6
Cookies

57 HTTP transactions
0 data transactions