thebalsamsresort.com Open in urlscan Pro
66.235.200.146 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://balsamseb5.vn/
Effective URL:
https://thebalsamsresort.com/
Submission: On November 19 via api (November 19th 2024, 12:57:05 pm UTC) from US — Scanned from DE

Summary HTTP 68 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 17 domains to perform 68 HTTP transactions. The main IP is 66.235.200.146, located in United States and belongs to CLOUDFLARENET, US. The main domain is thebalsamsresort.com.
TLS certificate: Issued by WE1 on October 12th 2024. Valid for: 3 months.

This is the only time thebalsamsresort.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	120.72.86.34 120.72.86.34	24085 (QTSC-AS-V...) (QTSC-AS-VN Quang Trung Software City Development Company)
1 37	66.235.200.146 66.235.200.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
21 21	2400:52e0:1e0... 2400:52e0:1e00::1079:1	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1	142.250.185.68 142.250.185.68	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:281c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
1	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
1	172.217.16.200 172.217.16.200	15169 (GOOGLE) (GOOGLE)
2	3.92.120.28 3.92.120.28	14618 (AMAZON-AES) (AMAZON-AES)
1	18.208.125.13 18.208.125.13	14618 (AMAZON-AES) (AMAZON-AES)
68	20

1 120.72.86.34 (Ho Chi Minh City, Viet Nam) 1 redirects

ASN24085 (QTSC-AS-VN Quang Trung Software City Development Company, VN)

balsamseb5.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 66.235.200.146 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)
PTR: host77.ipowerweb.com

www.thebalsamsresort.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thebalsamsresort.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2400:52e0:1e00::1079:1 (Germany) 21 redirects

ASN60068 (CDN77 Datacamp Limited, GB)

sp-ao.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:281c (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f99.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.92.120.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-120-28.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.125.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-125-13.compute-1.amazonaws.com

go.thebalsamsresort.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	thebalsamsresort.com 1 redirects www.thebalsamsresort.com thebalsamsresort.com go.thebalsamsresort.com	4 MB
21	shortpixel.ai 21 redirects sp-ao.shortpixel.ai — Cisco Umbrella Rank: 33610	19 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	161 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	450 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 135	970 B
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	229 B
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1331	32 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 6044	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 3804 pixel.wp.com — Cisco Umbrella Rank: 3757	3 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108	996 B
1	google.de www.google.de — Cisco Umbrella Rank: 10745	63 B
1	gstatic.com www.gstatic.com	217 KB
1	fonts.net fast.fonts.net — Cisco Umbrella Rank: 4479	669 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 96	21 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	balsamseb5.vn 1 redirects balsamseb5.vn	227 B
68	17

	Domain	Requested by
36	thebalsamsresort.com	thebalsamsresort.com connect.facebook.net
21	sp-ao.shortpixel.ai	21 redirects
4	connect.facebook.net	thebalsamsresort.com connect.facebook.net
4	www.googletagmanager.com	thebalsamsresort.com www.googletagmanager.com www.google-analytics.com
3	www.facebook.com	thebalsamsresort.com
3	use.fontawesome.com	thebalsamsresort.com
2	pi.pardot.com	thebalsamsresort.com pi.pardot.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	go.thebalsamsresort.com	pi.pardot.com
1	www.google.de	thebalsamsresort.com
1	region1.analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	pixel.wp.com	thebalsamsresort.com
1	www.gstatic.com	www.google.com
1	fast.fonts.net	thebalsamsresort.com
1	www.googleadservices.com	thebalsamsresort.com
1	stats.wp.com	thebalsamsresort.com
1	www.google.com	thebalsamsresort.com
1	fonts.googleapis.com	thebalsamsresort.com
1	www.thebalsamsresort.com	1 redirects
1	balsamseb5.vn	1 redirects
68	22

This site contains links to these domains. Also see Links.

Domain
www.thebalsamsresort.com
thethemefoundry.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
thebalsamsresort.com WE1	`2024-10-12` - `2025-01-10`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
use.fontawesome.com WE1	`2024-11-07` - `2025-02-06`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.googleadservices.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-28` - `2024-11-26`	3 months	crt.sh
fonts.net WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.de WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-05` - `2025-06-04`	a year	crt.sh
go.thebalsamsresort.com R11	`2024-10-01` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://thebalsamsresort.com/
Frame ID: 55CC0F168CE0CABE9159FBDDC2A10C23
Requests: 67 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Balsams Resort | A Wilderness Renaissance

Page URL History Show full URLs

https://balsamseb5.vn/ HTTP 301
https://www.thebalsamsresort.com/ HTTP 301
https://thebalsamsresort.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery\.prettyPhoto\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

68
Requests

82 %
HTTPS

38 %
IPv6

17
Domains

22
Subdomains

20
IPs

4
Countries

4943 kB
Transfer

7448 kB
Size

19
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.thebalsamsresort.com/vision

Search URL Search Domain Scan URL

URL: http://www.thebalsamsresort.com/ownership

Search URL Search Domain Scan URL

URL: http://www.thebalsamsresort.com/contact-us

Search URL Search Domain Scan URL

URL: https://thethemefoundry.com/wordpress-themes/basis/
Title: Basis theme

Search URL Search Domain Scan URL

URL: https://thethemefoundry.com/
Title: The Theme Foundry

Search URL Search Domain Scan URL

URL: https://twitter.com/BalsamsResort

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheBalsamsResort?fref=ts

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://balsamseb5.vn/ HTTP 301
https://www.thebalsamsresort.com/ HTTP 301
https://thebalsamsresort.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://thebalsamsresort.com/wp-content/plugins/slider-wd/images/ajax_loader.png HTTP 302
https://thebalsamsresort.com/wp-content/plugins/slider-wd/images/ajax_loader.png

Request Chain 12

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_130,h_100/https://thebalsamsresort.com/wp-content/themes/basis-child/images/Balsams_Logo-blue.png HTTP 302
https://thebalsamsresort.com/wp-content/themes/basis-child/images/Balsams_Logo-blue.png

Request Chain 27

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://thebalsamsresort.com/wp-content/uploads/2014/12/logo_onblue_webonly.jpg HTTP 302
https://thebalsamsresort.com/wp-content/uploads/2014/12/logo_onblue_webonly.jpg

Request Chain 28

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://thebalsamsresort.com/wp-content/uploads/2015/02/Slider1_Header_Image.jpg HTTP 302
https://thebalsamsresort.com/wp-content/uploads/2015/02/Slider1_Header_Image.jpg

Request Chain 35

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_288,h_192/https://thebalsamsresort.com/wp-content/uploads/2014/12/hikingfamily_summer.jpg HTTP 302
https://thebalsamsresort.com/wp-content/uploads/2014/12/hikingfamily_summer.jpg

Request Chain 36

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_571/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_300/https://thebalsamsresort.com/wp-content/uploads/2014/12/NEW_KEY_571.jpg HTTP 302
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_300/https://thebalsamsresort.com/wp-content/uploads/2014/12/NEW_KEY_571.jpg HTTP 302
https://thebalsamsresort.com/wp-content/uploads/2014/12/NEW_KEY_571.jpg

Request Chain 37

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_286,h_192/https://thebalsamsresort.com/wp-content/uploads/2014/12/hampshirehouse_summer.jpg HTTP 302
https://thebalsamsresort.com/wp-content/uploads/2014/12/hampshirehouse_summer.jpg

Request Chain 38

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_940/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1024/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_768/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1440/https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.19.31%E2%80%AFPM-e1730921392657.png HTTP 302
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1024/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_768/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1440/https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.19.31%E2%80%AFPM-e1730921392657.png HTTP 302
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_768/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1440/https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.19.31%E2%80%AFPM-e1730921392657.png HTTP 302
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1440/https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.19.31%E2%80%AFPM-e1730921392657.png HTTP 302
https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.19.31%E2%80%AFPM-e1730921392657.png

Request Chain 39

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_940/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1024/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_768/https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.20.19%E2%80%AFPM-e1730921220313.png HTTP 302
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1024/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_768/https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.20.19%E2%80%AFPM-e1730921220313.png HTTP 302
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_768/https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.20.19%E2%80%AFPM-e1730921220313.png HTTP 302
https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.20.19%E2%80%AFPM-e1730921220313.png

Request Chain 40

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_940/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_300/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1024/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_768/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_571/https://thebalsamsresort.com/wp-content/uploads/2024/01/Screen-Shot-2024-01-24-at-12.19.24-PM-e1706116796171.png HTTP 302
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_300/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1024/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_768/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_571/https://thebalsamsresort.com/wp-content/uploads/2024/01/Screen-Shot-2024-01-24-at-12.19.24-PM-e1706116796171.png HTTP 302
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1024/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_768/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_571/https://thebalsamsresort.com/wp-content/uploads/2024/01/Screen-Shot-2024-01-24-at-12.19.24-PM-e1706116796171.png HTTP 302
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_768/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_571/https://thebalsamsresort.com/wp-content/uploads/2024/01/Screen-Shot-2024-01-24-at-12.19.24-PM-e1706116796171.png HTTP 302
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_571/https://thebalsamsresort.com/wp-content/uploads/2024/01/Screen-Shot-2024-01-24-at-12.19.24-PM-e1706116796171.png HTTP 302
https://thebalsamsresort.com/wp-content/uploads/2024/01/Screen-Shot-2024-01-24-at-12.19.24-PM-e1706116796171.png

Request Chain 62

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_180,h_180/https://thebalsamsresort.com/wp-content/themes/basis-child/favicon.png HTTP 302
https://thebalsamsresort.com/wp-content/themes/basis-child/favicon.png

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
thebalsamsresort.com/
Redirect Chain

https://balsamseb5.vn/
https://www.thebalsamsresort.com/
https://thebalsamsresort.com/

127 KB
22 KB

743ms
661ms

Document
text/html

66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: ff943683dc355c7e498b12c11894b5e8596bf25bc6718a5016dbcd84568f3c0c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-cache-status: EXPIRED
cf-ray: 8e505cf62f35e50b-TXL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 19 Nov 2024 12:56:56 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
last-modified: Tue, 19 Nov 2024 12:56:56 GMT
link: <https://thebalsamsresort.com/wp-json/>; rel="https://api.w.org/", <https://thebalsamsresort.com/wp-json/wp/v2/pages/2>; rel="alternate"; title="JSON"; type="application/json", <https://wp.me/P5rLWh-2>; rel=shortlink
server: cloudflare
vary: accept,content-type,Accept-Encoding

Redirect headers

cf-cache-status: MISS
cf-ray: 8e505ce4bafde513-TXL
content-type: text/html; charset=UTF-8
date: Tue, 19 Nov 2024 12:56:55 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
location: https://thebalsamsresort.com/
server: cloudflare
vary: accept,content-type, Accept-Encoding
x-redirect-by: WordPress

GET
H2 200 autoptimize_02db1cf3690644a8dca25217d095d003.css
thebalsamsresort.com/wp-content/cache/autoptimize/css/ 283 KB
51 KB 72ms
66ms Stylesheet
text/css 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-content/cache/autoptimize/css/autoptimize_02db1cf3690644a8dca25217d095d003.css
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 15e91b44a97d81738f62b04550ad970966e2fc49d95cf0bdc1df06a0fbf104cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cache-control: max-age=30672000, public, immutable
content-encoding: gzip
cf-cache-status: HIT
cf-ray: 8e505cfa690ae50b-TXL
expires: Mon, 03 Nov 2025 03:27:21 GMT
date: Tue, 19 Nov 2024 12:56:56 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: text/css
last-modified: Wed, 13 Nov 2024 01:10:24 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 autoptimize_68cafcc6770d12f8dcdd0ae96d1c8220.css
thebalsamsresort.com/wp-content/cache/autoptimize/css/ 56 KB
16 KB 93ms
88ms Stylesheet
text/css 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-content/cache/autoptimize/css/autoptimize_68cafcc6770d12f8dcdd0ae96d1c8220.css
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 5b667ce0801e7fe7244dbe11fa11a6c5504e7b651ac60e331189804d7fdc5d57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cache-control: max-age=30672000, public, immutable
content-encoding: gzip
cf-cache-status: HIT
cf-ray: 8e505cfa6915e50b-TXL
expires: Thu, 23 Oct 2025 23:36:27 GMT
accept-ranges: bytes
content-length: 16435
date: Tue, 19 Nov 2024 12:56:56 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: text/css
last-modified: Tue, 20 Feb 2024 12:58:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 142ms
49ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arimo%3A400%2C700%2C400italic%2C700italic&ver=1.0.16

Requested by

Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9cba91c08143e6437e0fda241a04c4157f99798d463d05724d8fd4fe27dfed1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 19 Nov 2024 12:56:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 12:56:56 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 19 Nov 2024 12:56:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.4/css/ 58 KB
14 KB 141ms
53ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.3
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
age: 1525736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WgIhKODKxPoUq2kDX%2BQkjUlArSCqmNwUh3i1mXjw9vdn4XAEZ9JJBW5eqIvUhrbtKJcG1zMLTRibirP2CAGdbrR9WhTT8IhHkCJHW2M6dfaN3qt1%2BycJgrox%2BYPnpdLzoSBjpeIVCUSNcEkpkWvhH7VB"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e505cfaf8c5d3c0-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=37979&sent=16&recv=11&lost=0&retrans=0&sent_bytes=9155&recv_bytes=2332&delivery_rate=101645&cwnd=252&unsent_bytes=0&cid=d1a8cb8d2128b0bf&ts=60&x=0"
date: Tue, 19 Nov 2024 12:56:56 GMT
content-type: text/css
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 140ms
53ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.3
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"a034d3c71bee546f625877d7932917f8"
age: 1843211
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=39YGZkTuQSTUWgfSaMNbGEmiOMbjO5OPFK9d5oI8Ki7CvjdB09LVgrzX7jsLqR06dyHIZEGiPwx6DLvX5U4GcQEvCNzwpvraGpMBgAMkb6nxMWxQm1RMTAqtjQjScVMI4zkq6gErJEMTPMBBkGJNnWIL"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e505cfaf8c9d3c0-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=37979&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4012&recv_bytes=2332&delivery_rate=101645&cwnd=252&unsent_bytes=0&cid=d1a8cb8d2128b0bf&ts=58&x=0"
date: Tue, 19 Nov 2024 12:56:56 GMT
content-type: text/css
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery.min.js Show response
thebalsamsresort.com/wp-includes/js/jquery/ 86 KB
38 KB 249ms
245ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
cf-ray: 8e505cfa6919e50b-TXL
date: Tue, 19 Nov 2024 12:56:56 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: application/javascript
last-modified: Wed, 08 Nov 2023 01:02:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery-migrate.min.js Show response
thebalsamsresort.com/wp-includes/js/jquery/ 13 KB
5 KB 260ms
257ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
cf-ray: 8e505cfa6923e50b-TXL
accept-ranges: bytes
content-length: 5422
date: Tue, 19 Nov 2024 12:56:56 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: application/javascript
last-modified: Wed, 09 Aug 2023 01:02:20 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 mobile-menu.js Show response
thebalsamsresort.com/wp-content/themes/basis-child/js/ 2 KB
749 B 255ms
252ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-content/themes/basis-child/js/mobile-menu.js?ver=1.11.1
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 0f75caf9d878724cd73dbc647ce6726d4999c31a6aa5a125901aceef08e5fc14

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
cf-ray: 8e505cfa6929e50b-TXL
accept-ranges: bytes
content-length: 666
date: Tue, 19 Nov 2024 12:56:56 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: application/javascript
last-modified: Thu, 14 Sep 2017 17:32:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery.prettyPhoto.js Show response
thebalsamsresort.com/wp-content/plugins/wp-video-lightbox/js/ 35 KB
12 KB 494ms
492ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.js?ver=3.1.6
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: cf0b3cb15da803d6a1bc068bee28366beee59e19e34d7fd72120f9b07582273d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
cf-ray: 8e505cfa6930e50b-TXL
accept-ranges: bytes
content-length: 12364
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: application/javascript
last-modified: Thu, 02 May 2024 17:24:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 video-lightbox.js Show response
thebalsamsresort.com/wp-content/plugins/wp-video-lightbox/js/ 7 KB
2 KB 259ms
257ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.6
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: a144a2debb8f5767c73d17d18081ffb1a4d5e4006a846aed7f2ebcce13655aee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
cf-ray: 8e505cfa6935e50b-TXL
accept-ranges: bytes
content-length: 1537
date: Tue, 19 Nov 2024 12:56:56 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: application/javascript
last-modified: Thu, 02 May 2024 17:24:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 373 KB
123 KB 232ms
108ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J320SV6JND

Requested by

Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f7316377d786c006f0092056b895532620d438bb3e5491145a54689eeadfc2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 19 Nov 2024 12:56:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 125146
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

ajax_loader.png
thebalsamsresort.com/wp-content/plugins/slider-wd/images/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://thebalsamsresort.com/wp-content/plugins/slider-wd/images/ajax_loader.png
https://thebalsamsresort.com/wp-content/plugins/slider-wd/images/ajax_loader.png

6 KB
6 KB

246ms
246ms

Image
image/png

66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thebalsamsresort.com/wp-content/plugins/slider-wd/images/ajax_loader.png
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: af0e7949545217647175902112260cb564f20a25b50448c4b6e9217e26f990e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cf-cache-status: REVALIDATED
cf-ray: 8e505cfb5ce0e50b-TXL
accept-ranges: bytes
content-length: 5830
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: image/png
last-modified: Fri, 12 Dec 2014 19:21:42 GMT
vary: Accept-Encoding
server: cloudflare

Redirect headers

x-robots-tag: noindex
cdn-status: 302
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
xtag-sp-ver: 2-ns61
date: Tue, 19 Nov 2024 12:56:56 GMT
content-type: text/html; charset=UTF-8
cdn-cachedat: 11/19/2024 01:20:28
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 302
link: <https://thebalsamsresort.com/wp-content/plugins/slider-wd/images/ajax_loader.png>; rel="canonical"
cache-control: public, max-age=43200
location: https://thebalsamsresort.com/wp-content/plugins/slider-wd/images/ajax_loader.png
cdn-requestpullsuccess: True
pragma: cache
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 85eca56745621c067bca2ce0e546b46e
cdn-pullzone: 490803
cdn-tag: 0; Domain: thebalsamsresort.com; 302
cdn-proxyver: 1.06
cdn-requesttime: 0
access-control-allow-origin: *
content-length: 0
cdn-edgestorageid: 1079
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: DE

GET
H2

200

Balsams_Logo-blue.png
thebalsamsresort.com/wp-content/themes/basis-child/images/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_130,h_100/https://thebalsamsresort.com/wp-content/themes/basis-child/images/Balsams_Logo-blue.png
https://thebalsamsresort.com/wp-content/themes/basis-child/images/Balsams_Logo-blue.png

10 KB
10 KB

252ms
251ms

Image
image/png

66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thebalsamsresort.com/wp-content/themes/basis-child/images/Balsams_Logo-blue.png
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 2d2e48686f326beef8e21fb40b40062d6d305d210e8d0c5e4e3921c007cfc23e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cf-cache-status: REVALIDATED
cf-ray: 8e505cfb5cdde50b-TXL
accept-ranges: bytes
content-length: 10012
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: image/png
last-modified: Thu, 14 Sep 2017 17:32:12 GMT
vary: Accept-Encoding
server: cloudflare

Redirect headers

x-robots-tag: noindex
cdn-status: 302
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
xtag-sp-ver: 2-ns61
date: Tue, 19 Nov 2024 12:56:56 GMT
content-type: text/html; charset=UTF-8
cdn-cachedat: 11/19/2024 07:55:05
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 302
link: <https://thebalsamsresort.com/wp-content/themes/basis-child/images/Balsams_Logo-blue.png>; rel="canonical"
cache-control: public, max-age=43200
location: https://thebalsamsresort.com/wp-content/themes/basis-child/images/Balsams_Logo-blue.png
cdn-requestpullsuccess: True
pragma: cache
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 98f1753c4378057908aa93db4acfdb6b
cdn-pullzone: 490803
cdn-tag: 0; Domain: thebalsamsresort.com; 302
cdn-proxyver: 1.06
cdn-requesttime: 0
access-control-allow-origin: *
content-length: 0
cdn-edgestorageid: 1079
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: DE

GET
H2 200 custom.js Show response
thebalsamsresort.com/wp-content/themes/basis-child/js/ 625 B
341 B 266ms
265ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-content/themes/basis-child/js/custom.js?ver=1.0.0
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 9405840157a274a597385053a24aae8c577f15dc7a92946ffbf68f11f7ab7299

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
cf-ray: 8e505cfceb6de50b-TXL
accept-ranges: bytes
content-length: 282
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: application/javascript
last-modified: Thu, 14 Sep 2017 17:32:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
996 B 164ms
47ms Script
text/javascript 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Requested by

Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

ESF /

Resource Hash

b8067faae4222682f3ef53df68ae8d6d483a9b8bddfad8e92246d1870ec8cc81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Tue, 19 Nov 2024 12:56:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Tue, 19 Nov 2024 12:56:57 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 responsive-nav.min.js Show response
thebalsamsresort.com/wp-content/themes/basis/includes/javascripts/responsive-nav/ 9 KB
3 KB 241ms
241ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-content/themes/basis/includes/javascripts/responsive-nav/responsive-nav.min.js?ver=1.0.17
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: c1c6e09a970878a8da33cc0431a70f0ec185031f003a327173510fe425154db9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
cf-ray: 8e505cfceb84e50b-TXL
accept-ranges: bytes
content-length: 2483
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: application/javascript
last-modified: Mon, 09 May 2016 17:08:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery.fitvids.min.js Show response
thebalsamsresort.com/wp-content/themes/basis/includes/javascripts/fitvids/ 2 KB
969 B 270ms
263ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-content/themes/basis/includes/javascripts/fitvids/jquery.fitvids.min.js?ver=1.1
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: ac1a48fa8e1e718f4d44da846cf6afa9d03818a237c2d458e99fc7ba710af22c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
cf-ray: 8e505cfe7a5ee50b-TXL
accept-ranges: bytes
content-length: 909
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: application/javascript
last-modified: Mon, 09 May 2016 17:08:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 theme.js Show response
thebalsamsresort.com/wp-content/themes/basis/javascripts/ 10 KB
4 KB 265ms
259ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-content/themes/basis/javascripts/theme.js?ver=1.0.16
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: bb42a78eb608dffeb27426acd19732f9c27997212aa903d337b8cb650fb2041b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
cf-ray: 8e505cfe7a62e50b-TXL
accept-ranges: bytes
content-length: 3989
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: application/javascript
last-modified: Mon, 09 May 2016 17:08:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 e-202447.js Show response
stats.wp.com/ 7 KB
3 KB 161ms
35ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202447.js
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cache-control: max-age=31536000
content-encoding: br
x-nc: HIT ams
etag: W/14421-1717166113530.9253
x-minify: t
x-minify-cache: hit
access-control-allow-methods: GET, HEAD
expires: Mon, 17 Nov 2025 06:28:16 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx

GET
H2 200 asyncdc.min.js Show response
thebalsamsresort.com/wp-content/plugins/pardot/js/ 457 B
300 B 263ms
257ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-content/plugins/pardot/js/asyncdc.min.js?ver=6.7
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 91d744bf23ae2d21a6565a51934c39e0f8fa6121b958f2998a1979ee7ba2fa9d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
cf-ray: 8e505cfe7a64e50b-TXL
accept-ranges: bytes
content-length: 218
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: application/javascript
last-modified: Tue, 04 Jun 2024 01:02:41 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ 57 KB
21 KB 165ms
54ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

69033291b9ed971456d46cd984149373c1e6ff71eb937bc61f95553a2f404388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: br
etag: 15966682832014614862
x-content-type-options: nosniff
expires: Tue, 19 Nov 2024 12:56:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 21069
x-xss-protection: 0
server: cafe

GET
H3 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
2 KB 154ms
38ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

f98e6ff05dbb3f1ab81294d5068e0e6446d0f8a1ec14bee6f468c8d37381b252

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-md5: lPo5BH4/GvqOqCRVrKeaQQ==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "2605c9d5cf12e91f69dba2e8d793ff07"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Tue, 19 Nov 2024 13:13:52 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 71f7aeac60c5bff15ead5d9e1592f0d0
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=47, rtx=0, c=23, mss=1232, tbw=4510, tp=10, tpl=0, uplat=0, ullat=-1
x-fb-debug: yqC0BddJpAZnsloS6/R/+bMR8jh77uZ6gAkTvubZtF1XnoyxxfOnnoStWmXxKfyhtpL8xISUz4Wvw2JmsZmq9Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 2181
origin-agent-cluster: ?1

GET
H2 200 autoptimize_e51459bbe974b78fda2b56eb9fe81717.css
thebalsamsresort.com/wp-content/cache/autoptimize/css/ 462 B
338 B 52ms
50ms Stylesheet
text/css 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-content/cache/autoptimize/css/autoptimize_e51459bbe974b78fda2b56eb9fe81717.css
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 54834d99c247b2a883c9e0b9f9d87256d47299597b3ab46463dd3b4a91d846ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cache-control: max-age=30672000, public, immutable
content-encoding: gzip
cf-cache-status: HIT
age: 144899
cf-ray: 8e505cfe7a67e50b-TXL
expires: Wed, 05 Nov 2025 11:04:04 GMT
accept-ranges: bytes
content-length: 246
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: text/css
last-modified: Tue, 20 Feb 2024 12:58:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 1.css
fast.fonts.net/t/ 0
669 B 477ms
53ms Stylesheet
text/css 2606:4700::6810:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=css&projectid=84cad3ae-2114-4a59-ad8c-c7d107c9ad52
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/wp-content/cache/autoptimize/css/autoptimize_68cafcc6770d12f8dcdd0ae96d1c8220.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cf-cache-status: HIT
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-version-id: S7lzDmdDI0noOXFTwuZlTK1jzSNI0TZH
age: 2176885
x-amz-meta-mtime: 1519217722
expires: Tue, 19 Nov 2024 12:56:58 GMT
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 30 Jul 2024 12:03:08 GMT
vary: Accept-Encoding
x-amz-id-2: Wxr+69xeYR0Knja02exRf+eTs7PZ8YOlOz82JhZQCwDNs0TOPMQSPW+a7SazF3f4847mgXMAlhm5rWJi4InsYJpMX3vli4BWzxX+CETUo7o=
x-amz-replication-status: COMPLETED
cache-control: public, max-age=1
x-amz-request-id: 8H8SD813GYW32PDB
cf-ray: 8e505cfdce9491fb-FRA
accept-ranges: bytes
content-length: 0
server: cloudflare
x-amz-server-side-encryption: AES256

GET e9f62c98-d2c1-406d-bc69-bc15cdbd1ea1
https://thebalsamsresort.com/ 0
0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 154ms
39ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js?v=next

Requested by

Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

ade94b0a7e4417aaff64183516b645a79405d6557ee0c8f0a92e20ab71f4ea0b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-UF2QIalt' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-UF2QIalt' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=47, rtx=0, c=23, mss=1232, tbw=8798, tp=14, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: PV6jk5ChAK27BTBEJkd09wLTRbbW7p7C0SvsoLqx3y9AJvtFith35urL0XIs9aVixpYFJ91PZVtNnteX2Nn98w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62148
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 226 KB
81 KB 180ms
59ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXCJ7L

Requested by

Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4d25a886aa72bd3d19130f752ac91a6243b4e49e6b7fb65bac4a4616f9654b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 19 Nov 2024 12:56:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 19 Nov 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 82665
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

logo_onblue_webonly.jpg
thebalsamsresort.com/wp-content/uploads/2014/12/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://thebalsamsresort.com/wp-content/uploads/2014/12/logo_onblue_webonly.jpg
https://thebalsamsresort.com/wp-content/uploads/2014/12/logo_onblue_webonly.jpg

826 KB
827 KB

250ms
249ms

Image
image/jpeg

66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thebalsamsresort.com/wp-content/uploads/2014/12/logo_onblue_webonly.jpg
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/wp-content/cache/autoptimize/css/autoptimize_68cafcc6770d12f8dcdd0ae96d1c8220.css
Protocol: H2
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: de2de01d12c6d3460250a951a94d7500b548e8fa4c9b711205613e82eb50468d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cf-bgj: h2pri
cf-cache-status: REVALIDATED
cf-ray: 8e505cfedbd8e50b-TXL
accept-ranges: bytes
content-length: 845773
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: image/jpeg
last-modified: Tue, 23 Dec 2014 21:10:40 GMT
vary: Accept-Encoding
server: cloudflare

Redirect headers

x-robots-tag: noindex
cdn-status: 302
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
xtag-sp-ver: 2-ns62
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: text/html; charset=UTF-8
cdn-cachedat: 11/19/2024 01:20:29
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 302
link: <https://thebalsamsresort.com/wp-content/uploads/2014/12/logo_onblue_webonly.jpg>; rel="canonical"
cache-control: public, max-age=43200
location: https://thebalsamsresort.com/wp-content/uploads/2014/12/logo_onblue_webonly.jpg
cdn-requestpullsuccess: True
pragma: cache
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 2320c770edba47561e51258c80293fd9
cdn-pullzone: 490803
cdn-tag: 0; Domain: thebalsamsresort.com; 302
cdn-proxyver: 1.06
cdn-requesttime: 0
access-control-allow-origin: *
content-length: 0
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: DE

GET
H2

200

Slider1_Header_Image.jpg
thebalsamsresort.com/wp-content/uploads/2015/02/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://thebalsamsresort.com/wp-content/uploads/2015/02/Slider1_Header_Image.jpg
https://thebalsamsresort.com/wp-content/uploads/2015/02/Slider1_Header_Image.jpg

243 KB
244 KB

236ms
235ms

Image
image/jpeg

66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thebalsamsresort.com/wp-content/uploads/2015/02/Slider1_Header_Image.jpg
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 9dc1c516ea717c6b66c5723bfa4baa4b78fdda15c1d18374f3064b27d4cc6a7b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cf-bgj: h2pri
cf-cache-status: REVALIDATED
cf-ray: 8e505cfedbd5e50b-TXL
accept-ranges: bytes
content-length: 248999
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: image/jpeg
last-modified: Wed, 11 Feb 2015 18:19:58 GMT
vary: Accept-Encoding
server: cloudflare

Redirect headers

x-robots-tag: noindex
cdn-status: 302
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
xtag-sp-ver: 2-ns61
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: text/html; charset=UTF-8
cdn-cachedat: 11/19/2024 07:55:05
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 302
link: <https://thebalsamsresort.com/wp-content/uploads/2015/02/Slider1_Header_Image.jpg>; rel="canonical"
cache-control: public, max-age=43200
location: https://thebalsamsresort.com/wp-content/uploads/2015/02/Slider1_Header_Image.jpg
cdn-requestpullsuccess: True
pragma: cache
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 59ad86b0f914af87e3004d5141d05aae
cdn-pullzone: 490803
cdn-tag: 0; Domain: thebalsamsresort.com; 302
cdn-proxyver: 1.06
cdn-requesttime: 0
access-control-allow-origin: *
content-length: 0
cdn-edgestorageid: 1079
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: DE

GET
H2 200 footer-social-icons.svg
thebalsamsresort.com/wp-content/themes/basis/images/ 9 KB
3 KB 239ms
233ms Image
image/svg+xml 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thebalsamsresort.com/wp-content/themes/basis/images/footer-social-icons.svg
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/wp-content/cache/autoptimize/css/autoptimize_68cafcc6770d12f8dcdd0ae96d1c8220.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 5d6e7a8c11d1519f3d7fb48cd18352af39ee1fd63a72bcd2c2cd516ca89451b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/wp-content/cache/autoptimize/css/autoptimize_68cafcc6770d12f8dcdd0ae96d1c8220.css

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
cf-ray: 8e505cfe8a98e50b-TXL
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: image/svg+xml
last-modified: Mon, 09 May 2016 17:08:20 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 4f2d0548-c7dc-459b-a2e0-e86656a10ded.woff
thebalsamsresort.com/wp-content/themes/basis-child/Fonts/ 22 KB
22 KB 499ms
495ms Font
font/woff 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-content/themes/basis-child/Fonts/4f2d0548-c7dc-459b-a2e0-e86656a10ded.woff
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/wp-content/cache/autoptimize/css/autoptimize_68cafcc6770d12f8dcdd0ae96d1c8220.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 2167fef313ef000e5f7c733672e0fb51da89f830094c99e68248da1bb21147fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://thebalsamsresort.com
Referer: https://thebalsamsresort.com/wp-content/cache/autoptimize/css/autoptimize_68cafcc6770d12f8dcdd0ae96d1c8220.css

Response headers

cf-cache-status: REVALIDATED
cf-ray: 8e505cfecbb7e50b-TXL
accept-ranges: bytes
content-length: 22455
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: font/woff
last-modified: Thu, 14 Sep 2017 17:32:15 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ 13 KB
14 KB 129ms
46ms Font
font/woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/webfonts/fa-regular-400.woff2
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/wp-content/cache/autoptimize/css/autoptimize_02db1cf3690644a8dca25217d095d003.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://thebalsamsresort.com
Referer: https://thebalsamsresort.com/

Response headers

cf-cache-status: HIT
etag: "b91d376b8d7646d671cd820950d5f7f1"
age: 1293574
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WEAPnQYwdtS415HQapX3Hyxe6weW1Bcrz4sbX%2F6RrcSuWNeLBGn%2BkEqjzUyOXgUMvNA%2Bgj4dQL7vSuT1xM3NS3Hw%2BS7zWfIkIMbr4rjnoW0Oy7p8LhhFFq6WMK%2Byz38Ow98bO7DuFfvwO7X%2FCUtXfJOL"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=38749&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4034&recv_bytes=2206&delivery_rate=98146&cwnd=253&unsent_bytes=0&cid=c3683273e4390ef2&ts=52&x=0"
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: font/woff2
last-modified: Fri, 22 Sep 2023 01:45:26 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e505cff5d5fdcd0-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13224
server: cloudflare

GET
H2 200 6b45f9ca-22b4-48ca-962f-6ff1fa7fc196.woff
thebalsamsresort.com/wp-content/themes/basis-child/Fonts/ 22 KB
22 KB 240ms
236ms Font
font/woff 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-content/themes/basis-child/Fonts/6b45f9ca-22b4-48ca-962f-6ff1fa7fc196.woff
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/wp-content/cache/autoptimize/css/autoptimize_68cafcc6770d12f8dcdd0ae96d1c8220.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 8f7557b5ba841c7f740675e52e7a82d4165c148b9dc90804e5a2cce9da4a81c1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://thebalsamsresort.com
Referer: https://thebalsamsresort.com/wp-content/cache/autoptimize/css/autoptimize_68cafcc6770d12f8dcdd0ae96d1c8220.css

Response headers

cf-cache-status: REVALIDATED
cf-ray: 8e505cfecbbbe50b-TXL
accept-ranges: bytes
content-length: 22182
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: font/woff
last-modified: Thu, 14 Sep 2017 17:32:16 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 9cea1d1b-5428-4461-8a01-23d44045d07e.woff
thebalsamsresort.com/wp-content/themes/basis-child/Fonts/ 23 KB
23 KB 240ms
237ms Font
font/woff 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-content/themes/basis-child/Fonts/9cea1d1b-5428-4461-8a01-23d44045d07e.woff
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/wp-content/cache/autoptimize/css/autoptimize_68cafcc6770d12f8dcdd0ae96d1c8220.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: a5c5c8603c648214b2ee4e0cdd9b54a283518d17b97aae4df18ac9b82c7b963e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://thebalsamsresort.com
Referer: https://thebalsamsresort.com/wp-content/cache/autoptimize/css/autoptimize_68cafcc6770d12f8dcdd0ae96d1c8220.css

Response headers

cf-cache-status: REVALIDATED
cf-ray: 8e505cfecbbce50b-TXL
accept-ranges: bytes
content-length: 23364
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: font/woff
last-modified: Thu, 14 Sep 2017 17:32:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 050c2cbf-b818-4b8e-b6d2-71b70478bd9d.woff
thebalsamsresort.com/wp-content/themes/basis-child/Fonts/ 22 KB
22 KB 256ms
253ms Font
font/woff 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-content/themes/basis-child/Fonts/050c2cbf-b818-4b8e-b6d2-71b70478bd9d.woff
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/wp-content/cache/autoptimize/css/autoptimize_68cafcc6770d12f8dcdd0ae96d1c8220.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: e3ca1f8c351a235cf720c00e4d4ee0042b7fa03f5302f821c1e28965650253c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://thebalsamsresort.com
Referer: https://thebalsamsresort.com/wp-content/cache/autoptimize/css/autoptimize_68cafcc6770d12f8dcdd0ae96d1c8220.css

Response headers

cf-cache-status: REVALIDATED
cf-ray: 8e505cfecbbee50b-TXL
accept-ranges: bytes
content-length: 22741
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: font/woff
last-modified: Thu, 14 Sep 2017 17:32:19 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

hikingfamily_summer.jpg
thebalsamsresort.com/wp-content/uploads/2014/12/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_288,h_192/https://thebalsamsresort.com/wp-content/uploads/2014/12/hikingfamily_summer.jpg
https://thebalsamsresort.com/wp-content/uploads/2014/12/hikingfamily_summer.jpg

65 KB
65 KB

314ms
309ms

Image
image/jpeg

66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thebalsamsresort.com/wp-content/uploads/2014/12/hikingfamily_summer.jpg
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 57247079ec24b9eccca599f90845650fae11db1d35fd48c40f8ea5618b844b2f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cf-bgj: h2pri
cf-cache-status: REVALIDATED
cf-ray: 8e505cff3da0e50b-TXL
accept-ranges: bytes
content-length: 66393
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: image/jpeg
last-modified: Mon, 06 Jul 2015 19:29:25 GMT
vary: Accept-Encoding
server: cloudflare

Redirect headers

x-robots-tag: noindex
cdn-status: 302
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
xtag-sp-ver: 2-ns62
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: text/html; charset=UTF-8
cdn-cachedat: 11/19/2024 03:41:09
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 302
link: <https://thebalsamsresort.com/wp-content/uploads/2014/12/hikingfamily_summer.jpg>; rel="canonical"
cache-control: public, max-age=43200
location: https://thebalsamsresort.com/wp-content/uploads/2014/12/hikingfamily_summer.jpg
cdn-requestpullsuccess: True
pragma: cache
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 44c19c75183287363d10da5bbc9401ce
cdn-pullzone: 490803
cdn-tag: 0; Domain: thebalsamsresort.com; 302
cdn-proxyver: 1.06
cdn-requesttime: 1
access-control-allow-origin: *
content-length: 0
cdn-edgestorageid: 1080
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: DE

GET
H2

200

NEW_KEY_571.jpg
thebalsamsresort.com/wp-content/uploads/2014/12/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_571/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_300/https://thebalsamsresort.com/wp-content/uploads/2014/12/NEW_KEY_5...
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_300/https://thebalsamsresort.com/wp-content/uploads/2014/12/NEW_KEY_571.jpg
https://thebalsamsresort.com/wp-content/uploads/2014/12/NEW_KEY_571.jpg

223 KB
224 KB

291ms
290ms

Image
image/jpeg

66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thebalsamsresort.com/wp-content/uploads/2014/12/NEW_KEY_571.jpg
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: cf7097b599ceb380fe74e4c5aabf6b2bd0763269a1a99ea0d969538659ca2d55

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cf-bgj: h2pri
cf-cache-status: REVALIDATED
cf-ray: 8e505cff8f03e50b-TXL
accept-ranges: bytes
content-length: 228762
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: image/jpeg
last-modified: Tue, 23 Dec 2014 19:31:44 GMT
vary: Accept-Encoding
server: cloudflare

Redirect headers

x-robots-tag: noindex
cdn-status: 302
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
xtag-sp-ver: 2-ns62
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: text/html; charset=UTF-8
cdn-cachedat: 11/19/2024 08:38:22
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 302
link: <https://thebalsamsresort.com/wp-content/uploads/2014/12/NEW_KEY_571.jpg>; rel="canonical"
cache-control: public, max-age=43200
location: https://thebalsamsresort.com/wp-content/uploads/2014/12/NEW_KEY_571.jpg
cdn-requestpullsuccess: True
pragma: cache
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: bc126479ecc09cc0af83953d2b12df07
cdn-pullzone: 490803
cdn-tag: 0; Domain: thebalsamsresort.com; 302
cdn-proxyver: 1.06
cdn-requesttime: 0
access-control-allow-origin: *
content-length: 0
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: DE

GET
H2

200

hampshirehouse_summer.jpg
thebalsamsresort.com/wp-content/uploads/2014/12/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_286,h_192/https://thebalsamsresort.com/wp-content/uploads/2014/12/hampshirehouse_summer.jpg
https://thebalsamsresort.com/wp-content/uploads/2014/12/hampshirehouse_summer.jpg

88 KB
88 KB

319ms
310ms

Image
image/jpeg

66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thebalsamsresort.com/wp-content/uploads/2014/12/hampshirehouse_summer.jpg
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: e2f94cf3a9b5288a18f3cfde5731e23baf07ed1b7d8a168904689e819c270e43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cf-bgj: h2pri
cf-cache-status: REVALIDATED
cf-ray: 8e505cff3d9ee50b-TXL
accept-ranges: bytes
content-length: 89734
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: image/jpeg
last-modified: Mon, 06 Jul 2015 19:29:23 GMT
vary: Accept-Encoding
server: cloudflare

Redirect headers

x-robots-tag: noindex
cdn-status: 302
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
xtag-sp-ver: 2-ns62
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: text/html; charset=UTF-8
cdn-cachedat: 11/19/2024 07:55:05
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 302
link: <https://thebalsamsresort.com/wp-content/uploads/2014/12/hampshirehouse_summer.jpg>; rel="canonical"
cache-control: public, max-age=43200
location: https://thebalsamsresort.com/wp-content/uploads/2014/12/hampshirehouse_summer.jpg
cdn-requestpullsuccess: True
pragma: cache
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: ff81c69154709fe4e52e4ceea0de1dde
cdn-pullzone: 490803
cdn-tag: 0; Domain: thebalsamsresort.com; 302
cdn-proxyver: 1.06
cdn-requesttime: 0
access-control-allow-origin: *
content-length: 0
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: DE

GET
H2

200

Screenshot-2024-11-06-at-2.19.31%E2%80%AFPM-e1730921392657.png
thebalsamsresort.com/wp-content/uploads/2024/11/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_940/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1024/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_76...
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1024/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_768/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_14...
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_768/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1440/https://thebalsamsresort.com/wp-content/uploads/2024/11/Screensh...
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1440/https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.19.31%E2%80%AFPM-e1730921392657.png
https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.19.31%E2%80%AFPM-e1730921392657.png

370 KB
370 KB

263ms
263ms

Image
image/png

66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.19.31%E2%80%AFPM-e1730921392657.png
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 9921cfe1568a8d09631a1501dab0027366dff448b6ea0da799e931bbfa13ee28

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cf-cache-status: REVALIDATED
cf-ray: 8e505d004a1ae50b-TXL
accept-ranges: bytes
content-length: 378863
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: image/png
last-modified: Wed, 06 Nov 2024 19:29:52 GMT
vary: Accept-Encoding
server: cloudflare

Redirect headers

x-robots-tag: noindex
cdn-status: 302
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
xtag-sp-ver: 2-ns62
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: text/html; charset=UTF-8
cdn-cachedat: 11/18/2024 20:11:34
cdn-cache: STALE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 302
link: <https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.19.31%E2%80%AFPM-e1730921392657.png>; rel="canonical"
cache-control: public, max-age=43200
location: https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.19.31%E2%80%AFPM-e1730921392657.png
cdn-requestpullsuccess: True
pragma: cache
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: 69b15830eb11349b8a2c2747a0cebe7b
cdn-pullzone: 490803
cdn-tag: 0; Domain: thebalsamsresort.com; 302
cdn-proxyver: 1.06
cdn-requesttime: 0
access-control-allow-origin: *
content-length: 0
cdn-edgestorageid: 1081
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: DE

GET
H2

200

Screenshot-2024-11-06-at-2.20.19%E2%80%AFPM-e1730921220313.png
thebalsamsresort.com/wp-content/uploads/2024/11/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_940/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1024/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_76...
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1024/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_768/https://thebalsamsresort.com/wp-content/uploads/2024/11/Screensh...
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_768/https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.20.19%E2%80%AFPM-e1730921220313.png
https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.20.19%E2%80%AFPM-e1730921220313.png

318 KB
318 KB

243ms
242ms

Image
image/png

66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.20.19%E2%80%AFPM-e1730921220313.png
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 862cdcb8034f5af254904e8441139bf502fb86ef9cd3d404649b088ea0850120

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cf-cache-status: REVALIDATED
cf-ray: 8e505cffe88ae50b-TXL
accept-ranges: bytes
content-length: 325167
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: image/png
last-modified: Wed, 06 Nov 2024 19:27:00 GMT
vary: Accept-Encoding
server: cloudflare

Redirect headers

x-robots-tag: noindex
cdn-status: 302
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
xtag-sp-ver: 2-ns61
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: text/html; charset=UTF-8
cdn-cachedat: 11/18/2024 20:11:34
cdn-cache: STALE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 302
link: <https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.20.19%E2%80%AFPM-e1730921220313.png>; rel="canonical"
cache-control: public, max-age=43200
location: https://thebalsamsresort.com/wp-content/uploads/2024/11/Screenshot-2024-11-06-at-2.20.19%E2%80%AFPM-e1730921220313.png
cdn-requestpullsuccess: True
pragma: cache
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: f65d7fb59a69b2e2e4c8517139184765
cdn-pullzone: 490803
cdn-tag: 0; Domain: thebalsamsresort.com; 302
cdn-proxyver: 1.06
cdn-requesttime: 0
access-control-allow-origin: *
content-length: 0
cdn-edgestorageid: 1081
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: DE

GET
H2

200

Screen-Shot-2024-01-24-at-12.19.24-PM-e1706116796171.png
thebalsamsresort.com/wp-content/uploads/2024/01/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_940/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_300/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_102...
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_300/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1024/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_76...
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1024/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_768/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_57...
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_768/https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_571/https://thebalsamsresort.com/wp-content/uploads/2024/01/Screen-Sh...
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_571/https://thebalsamsresort.com/wp-content/uploads/2024/01/Screen-Shot-2024-01-24-at-12.19.24-PM-e1706116796171.png
https://thebalsamsresort.com/wp-content/uploads/2024/01/Screen-Shot-2024-01-24-at-12.19.24-PM-e1706116796171.png

274 KB
275 KB

236ms
232ms

Image
image/png

66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thebalsamsresort.com/wp-content/uploads/2024/01/Screen-Shot-2024-01-24-at-12.19.24-PM-e1706116796171.png
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 8bf637b4bfaf868d476b74820f3afaad655c9f9d5ee390b6de42f1f7dd9ec7c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cf-cache-status: REVALIDATED
cf-ray: 8e505d00ec63e50b-TXL
accept-ranges: bytes
content-length: 280912
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: image/png
last-modified: Wed, 24 Jan 2024 17:19:56 GMT
vary: Accept-Encoding
server: cloudflare

Redirect headers

x-robots-tag: noindex
cdn-status: 302
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
xtag-sp-ver: 2-ns61
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: text/html; charset=UTF-8
cdn-cachedat: 11/18/2024 21:42:14
cdn-cache: STALE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 302
link: <https://thebalsamsresort.com/wp-content/uploads/2024/01/Screen-Shot-2024-01-24-at-12.19.24-PM-e1706116796171.png>; rel="canonical"
cache-control: public, max-age=43200
location: https://thebalsamsresort.com/wp-content/uploads/2024/01/Screen-Shot-2024-01-24-at-12.19.24-PM-e1706116796171.png
cdn-requestpullsuccess: True
pragma: cache
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: c4df80a93a047696d7a2e4a5635199ce
cdn-pullzone: 490803
cdn-tag: 0; Domain: thebalsamsresort.com; 302
cdn-proxyver: 1.06
cdn-requesttime: 0
access-control-allow-origin: *
content-length: 0
cdn-edgestorageid: 1081
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: DE

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 244ms
65ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1612301095652622&ev=PixelInitialized&dl=https%3A%2F%2Fthebalsamsresort.com%2F&rl=&if=false&ts=1732021017497

Requested by

Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4533, tp=11, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 547 KB
217 KB 233ms
59ms Script
text/javascript 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://thebalsamsresort.com
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: gzip
age: 37161
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 02:37:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 02:37:36 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222594
x-xss-protection: 0
server: sffe

GET
H3 200 openbridge3.js Show response
connect.facebook.net/signals/plugins/ 242 KB
83 KB 41ms
41ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/openbridge3.js?v=next

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js?v=next

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

5e87be3a91b9765545950e0e5382c2232e1989eed7362afc7701c6ccff10fc80

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-mM6MHK8b' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-mM6MHK8b' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=73, mss=1232, tbw=73134, tp=69, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: Dw0eb9aA+NNK7nnTclhs6qwcfKXgsqblB4sEij1xrAv4ISIVnvj3tBiEajYSw1xLq44Ssasag6ymiK1KAw5CkA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 84682
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 238032947055091 Show response
connect.facebook.net/signals/config/ 77 KB
16 KB 219ms
218ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/238032947055091?v=next&r=stable&domain=thebalsamsresort.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js?v=next

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

a8f61042926cd54073c67dea5d6e2a2adedf81b32cac0c772923bcfd30f4c6ce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-NeB5leWC' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-NeB5leWC' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=117, mss=1232, tbw=160302, tp=143, tpl=0, uplat=172, ullat=0
pragma: public
x-fb-debug: WWeuWL3cTStx3u40MfdTUAsjUoeI6yLWjAVY1OT7AFqJCeCn150VPh9JkOiTCGVmSzM93/e5bRV3HEqqygE42g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 54ms
48ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=80500817&post=2&tz=-4&srv=thebalsamsresort.com&j=1%3A14.0&host=thebalsamsresort.com&ref=&fcp=6396&rand=0.7639937957741401
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cache-control: no-cache
access-control-allow-origin: *
content-length: 50
alt-svc: h3=":443"; ma=86400
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: image/gif
server: nginx

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963427221/ 43 B
61 B 170ms
69ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963427221/?random=1732021017617&cv=9&fst=1732021017617&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fthebalsamsresort.com%2F&tiba=The%20Balsams%20Resort%20%7C%20A%20Wilderness%20Renaissance&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 37
date: Tue, 19 Nov 2024 12:56:57 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 wp-emoji-release.min.js Show response
thebalsamsresort.com/wp-includes/js/ 18 KB
5 KB 241ms
237ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-includes/js/wp-emoji-release.min.js?ver=6.7
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
cf-ray: 8e505d004a1fe50b-TXL
accept-ranges: bytes
content-length: 5365
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 01:03:11 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 174ms
39ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXCJ7L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: gzip
age: 933
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Tue, 19 Nov 2024 14:41:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 12:41:24 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 373 KB
122 KB 81ms
78ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J320SV6JND&l=dataLayer&cx=c&gtm=45He4be0za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXCJ7L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62e45973fa3e5b98d88e2235f53bb34a8a258bc0df30b046cf6a25af7c378863

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 19 Nov 2024 12:56:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 125144
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 162ms
45ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-J320SV6JND&gtm=45je4be0v9134449660za200&_p=1732021017334&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=1650367840.1732021018&ul=de-de&sr=1600x1200&_ng=1&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1732021017&sct=1&seg=0&dl=https%3A%2F%2Fthebalsamsresort.com%2F&dt=The%20Balsams%20Resort%20%7C%20A%20Wilderness%20Renaissance&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=6684
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J320SV6JND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://thebalsamsresort.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
548 B 164ms
47ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-J320SV6JND&cid=1650367840.1732021018&gtm=45je4be0v9134449660za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J320SV6JND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://thebalsamsresort.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 135ms
74ms Image
image/gif 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-J320SV6JND&cid=1650367840.1732021018&gtm=45je4be0v9134449660za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855&tag_exp=101925629~102067555~102067808~102077855&z=153459940

Requested by

Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 19 Nov 2024 12:56:57 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 / Show response
thebalsamsresort.com/ 0
300 B 664ms
661ms XHR
text/html 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/?ob=open-bridge/events
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/plugins/openbridge3.js?v=next
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://thebalsamsresort.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 8e505d0229d9e50b-TXL
expires: Thu, 19 Nov 1981 08:52:00 GMT
date: Tue, 19 Nov 2024 12:56:58 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: text/html; charset=UTF-8
vary: accept,content-type
server: cloudflare

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 42ms
40ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238032947055091&ev=PageView&dl=https%3A%2F%2Fthebalsamsresort.com%2F&rl=&if=false&ts=1732021017921&sw=1600&sh=1200&v=next&r=stable&a=wordpress-6.7-3.0.16&ec=0&o=12318&eid=ob3_plugin-set_a8e29133e02f17e6495acfc78bed85de6a831e9798394f67c9e918cadf2727d7&fbp=fb.1.1732021017918.820044220225859410&cs_est=true&ler=empty&cdl=API_unavailable&it=1732021017562&coo=false&rqm=GET

Requested by

Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4997, tp=16, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 19 Nov 2024 12:56:57 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 177ms
176ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=238032947055091&ev=PageView&dl=https%3A%2F%2Fthebalsamsresort.com%2F&rl=&if=false&ts=1732021017921&sw=1600&sh=1200&v=next&r=stable&a=wordpress-6.7-3.0.16&ec=0&o=12318&eid=ob3_plugin-set_a8e29133e02f17e6495acfc78bed85de6a831e9798394f67c9e918cadf2727d7&fbp=fb.1.1732021017918.820044220225859410&cs_est=true&ler=empty&cdl=API_unavailable&it=1732021017562&coo=false&rqm=FGET

Requested by

Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438973629790357231"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 19 Nov 2024 12:56:58 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 5+n0LN536ii2BVJbCH5iMrg3tzajUgPbYun/AoctBIsVdnO6vHE4W+TrD3OlklGhBwBT4D45fFC2w4oOXfknfw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438973629790357231", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=24, mss=1232, tbw=5237, tp=19, tpl=0, uplat=137, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
437 B 61ms
50ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=603507335&t=pageview&_s=1&dl=https%3A%2F%2Fthebalsamsresort.com%2F&ul=de-de&de=UTF-8&dt=The%20Balsams%20Resort%20%7C%20A%20Wilderness%20Renaissance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAABAAAAAC~&jid=1999209270&gjid=2105970111&cid=1650367840.1732021018&tid=UA-57872818-1&_gid=2084021403.1732021018&_slc=1&gtm=45He4be0n71NXCJ7Lza200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&npa=1&z=1625512460

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

158d4229f3e698ac913dfe6d00165977641c51ac4e530b28f01290452fb4dafe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://thebalsamsresort.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 12:56:57 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://thebalsamsresort.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
361 B 52ms
49ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-57872818-1&cid=1650367840.1732021018&jid=1999209270&gjid=2105970111&_gid=2084021403.1732021018&npa=1&_u=YCDAgAABAAAAAG~&z=997366371

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://thebalsamsresort.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 12:56:57 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin: https://thebalsamsresort.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 377 KB
124 KB 64ms
56ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J320SV6JND&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

66e246cb8ab42ad9fb73877f983412af60896de3d93e89b6f9e21f5fb6072a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 19 Nov 2024 12:56:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 12:56:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 126998
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 399ms
126ms Script
application/javascript 3.92.120.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: thebalsamsresort.com
URL: https://thebalsamsresort.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-120-28.compute-1.amazonaws.com
Software: /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cache-control: max-age=63072000
content-encoding: gzip
etag: "15f4-gzip"
Connection: keep-alive
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
expires: Thu, 19 Nov 2026 12:56:58 GMT
accept-ranges: bytes
Content-Length: 1988
Date: Tue, 19 Nov 2024 12:56:58 GMT
Content-Type: application/javascript
last-modified: Mon, 18 Nov 2024 05:30:15 GMT
vary: Accept-Encoding,User-Agent

GET
H2 200 Slider1_Header_Image.jpg
thebalsamsresort.com/wp-content/uploads/2015/02/ 243 KB
0 13ms
13ms Image
image/jpeg 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thebalsamsresort.com/wp-content/uploads/2015/02/Slider1_Header_Image.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 9dc1c516ea717c6b66c5723bfa4baa4b78fdda15c1d18374f3064b27d4cc6a7b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cf-bgj: h2pri
cf-cache-status: REVALIDATED
cf-ray: 8e505cfedbd5e50b-TXL
accept-ranges: bytes
content-length: 248999
date: Tue, 19 Nov 2024 12:56:57 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: image/jpeg
last-modified: Wed, 11 Feb 2015 18:19:58 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Homepage_Hero2.jpg
thebalsamsresort.com/wp-content/uploads/slider-wd/ 79 KB
79 KB 254ms
253ms Image
image/jpeg 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thebalsamsresort.com/wp-content/uploads/slider-wd/Homepage_Hero2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 5553e77407f03d989df3869d4a2a8185fb232131b30bcdb70fe9637af1343ca0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cf-bgj: h2pri
cf-cache-status: REVALIDATED
cf-ray: 8e505d042a7de50b-TXL
accept-ranges: bytes
content-length: 80566
date: Tue, 19 Nov 2024 12:56:58 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: image/jpeg
last-modified: Thu, 11 Dec 2014 15:37:53 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

favicon.png
thebalsamsresort.com/wp-content/themes/basis-child/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_180,h_180/https://thebalsamsresort.com/wp-content/themes/basis-child/favicon.png
https://thebalsamsresort.com/wp-content/themes/basis-child/favicon.png

2 KB
2 KB

250ms
246ms

Other
image/png

66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thebalsamsresort.com/wp-content/themes/basis-child/favicon.png
Protocol: H2
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 05a7a532d532bcab525a6303ca5e5009870b97b7b1aa40d7ba3575ee65471635

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cf-cache-status: REVALIDATED
cf-ray: 8e505d048c44e50b-TXL
accept-ranges: bytes
content-length: 1806
date: Tue, 19 Nov 2024 12:56:58 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: image/png
last-modified: Thu, 14 Sep 2017 17:32:06 GMT
vary: Accept-Encoding
server: cloudflare

Redirect headers

x-robots-tag: noindex
cdn-status: 302
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
xtag-sp-ver: 2-ns62
date: Tue, 19 Nov 2024 12:56:58 GMT
content-type: text/html; charset=UTF-8
cdn-cachedat: 11/19/2024 07:55:07
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 302
link: <https://thebalsamsresort.com/wp-content/themes/basis-child/favicon.png>; rel="canonical"
cache-control: public, max-age=43200
location: https://thebalsamsresort.com/wp-content/themes/basis-child/favicon.png
cdn-requestpullsuccess: True
pragma: cache
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestid: e0d525a860c972f45c51374baca65ae4
cdn-pullzone: 490803
cdn-tag: 0; Domain: thebalsamsresort.com; 302
cdn-proxyver: 1.06
cdn-requesttime: 0
access-control-allow-origin: *
content-length: 0
cdn-edgestorageid: 1082
server: BunnyCDN-DE1-1079
cdn-requestcountrycode: DE

GET
H2 200 Hampshire_House_hero_silder_2.jpg
thebalsamsresort.com/wp-content/uploads/2017/02/ 1 MB
1 MB 211ms
210ms Image
image/jpeg 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thebalsamsresort.com/wp-content/uploads/2017/02/Hampshire_House_hero_silder_2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: d300da6eb6fdae55a7ac4012a6c6eefb0f509a02ba89e552f833b4258a3c284c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cf-bgj: h2pri
cf-cache-status: REVALIDATED
cf-ray: 8e505d05c98ae50b-TXL
accept-ranges: bytes
content-length: 1165045
date: Tue, 19 Nov 2024 12:56:58 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: image/jpeg
last-modified: Tue, 07 Feb 2017 16:46:54 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 429ms
428ms Script
text/javascript 3.92.120.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=38886&account_id=967173&title=The%20Balsams%20Resort%20%7C%20A%20Wilderness%20Renaissance&url=https%3A%2F%2Fthebalsamsresort.com%2F&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.92.120.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-92-120-28.compute-1.amazonaws.com

Software

Resource Hash

b68905f667959be7fe09ecfded7ff9b3c63b90d294c6a3fa458d0fe8dbd04304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-pardot-rsp: 0/0/1
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
Connection: keep-alive
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Length: 538
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date: Tue, 19 Nov 2024 12:56:58 GMT
Content-Type: text/javascript; charset=utf-8
vary: Accept-Encoding,User-Agent

GET
H2 200 Homepage_Slider_Graphic_Golf800x300.jpg
thebalsamsresort.com/wp-content/uploads/2015/07/ 129 KB
129 KB 235ms
235ms Image
image/jpeg 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thebalsamsresort.com/wp-content/uploads/2015/07/Homepage_Slider_Graphic_Golf800x300.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 73f46a72bf1300fb46e8103dd0db15a5e0445ef9ad796ad9ad7eb33043d73414

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

cf-bgj: h2pri
cf-cache-status: REVALIDATED
cf-ray: 8e505d085c62e50b-TXL
accept-ranges: bytes
content-length: 132233
date: Tue, 19 Nov 2024 12:56:59 GMT
host-header: d3AuYmx1ZWhvc3QuY29t
content-type: image/jpeg
last-modified: Wed, 15 Jul 2015 13:32:36 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK analytics Show response
go.thebalsamsresort.com/ 50 B
1020 B 505ms
229ms Script
text/javascript 18.208.125.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.thebalsamsresort.com/analytics?conly=true&visitor_id=310579168&visitor_id_sign=42d4443407d0a957bb80957f89c9149dc1a9c811b1db921883a9cce870e40477440440ee4a57b7dd029a63307b3071180ccd835f&pi_opt_in=&campaign_id=38886&account_id=967173&title=The%20Balsams%20Resort%20|%20A%20Wilderness%20Renaissance&url=https://thebalsamsresort.com/&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=38886&account_id=967173&title=The%20Balsams%20Resort%20%7C%20A%20Wilderness%20Renaissance&url=https%3A%2F%2Fthebalsamsresort.com%2F&referrer=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-125-13.compute-1.amazonaws.com
Software: /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://thebalsamsresort.com/

Response headers

x-pardot-rsp: 0/0/1
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Length: 50
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date: Tue, 19 Nov 2024 12:56:59 GMT
Content-Type: text/javascript; charset=utf-8
vary: User-Agent

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: thebalsamsresort.com
URL: blob:https://thebalsamsresort.com/e9f62c98-d2c1-406d-bc69-bc15cdbd1ea1

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.thebalsamsresort.com/	1970-01-21 01:07:02	Name: __cf_bm Value: 5VloJzb8dW9rbfPkpwPljgXkFNGD9ILbHxElbsMW0Qg-1732021015-1.0.1.1-nyfqd3RrreRSje6LEJ_oH541th9PfLEVdS6fR7Fu7GWPqTJHjUMcWxqDcPXyFYFf3LdAGlUBhKPg9fGX5m_5JA
.www.thebalsamsresort.com/	1969-12-31 23:59:59	Name: _cfuvid Value: iAcitfHuSI4Tu3DWWZvOGFqKDuqulIBbQTR0gIsIBsw-1732021015902-0.0.1.1-604800000
.thebalsamsresort.com/	1970-01-21 01:07:02	Name: __cf_bm Value: RJ8IKCM5sKqiaqSkcJ0e3PfZQWpw7Rm8A1f_sSmSeNQ-1732021016-1.0.1.1-abN3Xh2nJ1.WUH40eBPYSFeclsEFrj7AD_Iq9Bc6KEQtYllqlxuKg3hZWJzbAUNsMcMUpT.uLM.xSg_4Ma0crg
.thebalsamsresort.com/	1969-12-31 23:59:59	Name: _cfuvid Value: dOvbcTmNHD38K5.9H1g.qZwW1DDvO7k1zmeyfSs9ndg-1732021016644-0.0.1.1-604800000
.fonts.net/	1970-01-21 01:07:02	Name: __cf_bm Value: eei_HkSrZf9NXlEB9cY6X3L.OJyT2YhY2Cwyo.6huqg-1732021017-1.0.1.1-XTwVQrRp0G8j_qE8L8a_Cke6pzv8ZwIVsZOZd8Km10o0qliaAhhE90hNG41RXtSm9MQAAeeT9dYRtK0jxwgMug
.thebalsamsresort.com/	1970-01-21 10:43:01	Name: _ga_J320SV6JND Value: GS1.1.1732021017.1.0.1732021017.60.0.0
.doubleclick.net/	1970-01-21 01:07:01	Name: test_cookie Value: CheckForPermission
.thebalsamsresort.com/	1970-01-21 03:16:37	Name: _fbp Value: fb.1.1732021017918.820044220225859410
.thebalsamsresort.com/	1970-01-21 10:43:01	Name: _ga Value: GA1.2.1650367840.1732021018
.thebalsamsresort.com/	1970-01-21 01:08:27	Name: _gid Value: GA1.2.2084021403.1732021018
.thebalsamsresort.com/	1970-01-21 01:07:01	Name: _dc_gtm_UA-57872818-1 Value: 1
.thebalsamsresort.com/	1970-01-21 03:16:37	Name: PHPSESSID Value: 6037bf509e5fabd6915105833f196866
.pardot.com/	1970-01-21 10:43:01	Name: visitor_id966173 Value: 310579168
.pardot.com/	1970-01-21 10:43:01	Name: visitor_id966173-hash Value: 42d4443407d0a957bb80957f89c9149dc1a9c811b1db921883a9cce870e40477440440ee4a57b7dd029a63307b3071180ccd835f
pi.pardot.com/	1970-01-21 01:07:02	Name: lpv966173 Value: aHR0cHM6Ly90aGViYWxzYW1zcmVzb3J0LmNvbS8%3D
thebalsamsresort.com/	1970-01-21 10:43:01	Name: visitor_id966173 Value: 310579168
thebalsamsresort.com/	1970-01-21 10:43:01	Name: visitor_id966173-hash Value: 42d4443407d0a957bb80957f89c9149dc1a9c811b1db921883a9cce870e40477440440ee4a57b7dd029a63307b3071180ccd835f
go.thebalsamsresort.com/	1970-01-21 10:43:01	Name: visitor_id966173 Value: 310579168
go.thebalsamsresort.com/	1970-01-21 10:43:01	Name: visitor_id966173-hash Value: 42d4443407d0a957bb80957f89c9149dc1a9c811b1db921883a9cce870e40477440440ee4a57b7dd029a63307b3071180ccd835f

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

balsamseb5.vn
connect.facebook.net
fast.fonts.net
fonts.googleapis.com
go.thebalsamsresort.com
googleads.g.doubleclick.net
pi.pardot.com
pixel.wp.com
region1.analytics.google.com
sp-ao.shortpixel.ai
stats.g.doubleclick.net
stats.wp.com
thebalsamsresort.com
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.thebalsamsresort.com
thebalsamsresort.com
120.72.86.34
142.250.185.163
142.250.185.66
142.250.185.68
157.240.251.9
157.240.253.35
172.217.16.200
172.217.23.99
18.208.125.13
192.0.76.3
2001:4860:4802:34::36
216.58.206.34
2400:52e0:1e00::1079:1
2606:4700:3036::6815:1b98
2606:4700::6810:281c
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:82a::200e
2a00:1450:400c:c0c::9c
3.92.120.28
66.235.200.146
05a7a532d532bcab525a6303ca5e5009870b97b7b1aa40d7ba3575ee65471635
0f75caf9d878724cd73dbc647ce6726d4999c31a6aa5a125901aceef08e5fc14
158d4229f3e698ac913dfe6d00165977641c51ac4e530b28f01290452fb4dafe
15e91b44a97d81738f62b04550ad970966e2fc49d95cf0bdc1df06a0fbf104cd
2167fef313ef000e5f7c733672e0fb51da89f830094c99e68248da1bb21147fe
2d2e48686f326beef8e21fb40b40062d6d305d210e8d0c5e4e3921c007cfc23e
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54834d99c247b2a883c9e0b9f9d87256d47299597b3ab46463dd3b4a91d846ab
5553e77407f03d989df3869d4a2a8185fb232131b30bcdb70fe9637af1343ca0
57247079ec24b9eccca599f90845650fae11db1d35fd48c40f8ea5618b844b2f
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
5b667ce0801e7fe7244dbe11fa11a6c5504e7b651ac60e331189804d7fdc5d57
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
5d6e7a8c11d1519f3d7fb48cd18352af39ee1fd63a72bcd2c2cd516ca89451b2
5e87be3a91b9765545950e0e5382c2232e1989eed7362afc7701c6ccff10fc80
62e45973fa3e5b98d88e2235f53bb34a8a258bc0df30b046cf6a25af7c378863
66e246cb8ab42ad9fb73877f983412af60896de3d93e89b6f9e21f5fb6072a69
69033291b9ed971456d46cd984149373c1e6ff71eb937bc61f95553a2f404388
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f7316377d786c006f0092056b895532620d438bb3e5491145a54689eeadfc2a
73f46a72bf1300fb46e8103dd0db15a5e0445ef9ad796ad9ad7eb33043d73414
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
862cdcb8034f5af254904e8441139bf502fb86ef9cd3d404649b088ea0850120
8bf637b4bfaf868d476b74820f3afaad655c9f9d5ee390b6de42f1f7dd9ec7c6
8f7557b5ba841c7f740675e52e7a82d4165c148b9dc90804e5a2cce9da4a81c1
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
91d744bf23ae2d21a6565a51934c39e0f8fa6121b958f2998a1979ee7ba2fa9d
9405840157a274a597385053a24aae8c577f15dc7a92946ffbf68f11f7ab7299
9921cfe1568a8d09631a1501dab0027366dff448b6ea0da799e931bbfa13ee28
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9cba91c08143e6437e0fda241a04c4157f99798d463d05724d8fd4fe27dfed1f
9dc1c516ea717c6b66c5723bfa4baa4b78fdda15c1d18374f3064b27d4cc6a7b
a144a2debb8f5767c73d17d18081ffb1a4d5e4006a846aed7f2ebcce13655aee
a5c5c8603c648214b2ee4e0cdd9b54a283518d17b97aae4df18ac9b82c7b963e
a8f61042926cd54073c67dea5d6e2a2adedf81b32cac0c772923bcfd30f4c6ce
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac1a48fa8e1e718f4d44da846cf6afa9d03818a237c2d458e99fc7ba710af22c
ade94b0a7e4417aaff64183516b645a79405d6557ee0c8f0a92e20ab71f4ea0b
af0e7949545217647175902112260cb564f20a25b50448c4b6e9217e26f990e7
b68905f667959be7fe09ecfded7ff9b3c63b90d294c6a3fa458d0fe8dbd04304
b8067faae4222682f3ef53df68ae8d6d483a9b8bddfad8e92246d1870ec8cc81
bb42a78eb608dffeb27426acd19732f9c27997212aa903d337b8cb650fb2041b
c1c6e09a970878a8da33cc0431a70f0ec185031f003a327173510fe425154db9
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf0b3cb15da803d6a1bc068bee28366beee59e19e34d7fd72120f9b07582273d
cf7097b599ceb380fe74e4c5aabf6b2bd0763269a1a99ea0d969538659ca2d55
d300da6eb6fdae55a7ac4012a6c6eefb0f509a02ba89e552f833b4258a3c284c
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
de2de01d12c6d3460250a951a94d7500b548e8fa4c9b711205613e82eb50468d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2f94cf3a9b5288a18f3cfde5731e23baf07ed1b7d8a168904689e819c270e43
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ca1f8c351a235cf720c00e4d4ee0042b7fa03f5302f821c1e28965650253c2
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
e4d25a886aa72bd3d19130f752ac91a6243b4e49e6b7fb65bac4a4616f9654b1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f98e6ff05dbb3f1ab81294d5068e0e6446d0f8a1ec14bee6f468c8d37381b252
ff943683dc355c7e498b12c11894b5e8596bf25bc6718a5016dbcd84568f3c0c

thebalsamsresort.com Open in urlscan Pro 66.235.200.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

82 %HTTPS

38 %IPv6

17 Domains

22 Subdomains

20 IPs

4 Countries

4943 kBTransfer

7448 kBSize

19 Cookies

7 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thebalsamsresort.com Open in urlscan Pro
66.235.200.146 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

82 %
HTTPS

38 %
IPv6

17
Domains

22
Subdomains

20
IPs

4
Countries

4943 kB
Transfer

7448 kB
Size

19
Cookies

68 HTTP transactions
0 data transactions