urlscan.io logo urlscan.io
SecurityTrails logo

www.balcons.com Open in urlscan Pro
34.197.199.175  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://balcons.com/
Effective URL: https://www.balcons.com/
Submission: On October 03 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 29 HTTP transactions. The main IP is 34.197.199.175, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.balcons.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 27th 2019. Valid for: 3 months.
This is the only time www.balcons.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 4 34.197.199.175 14618 (AMAZON-AES)
19 2600:9000:215... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 216.58.205.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
29 9
4    34.197.199.175 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-197-199-175.compute-1.amazonaws.com
balcons.com
www.balcons.com
19    2600:9000:2156:4600:1f:d1f1:b180:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d3k0bubvipjfly.cloudfront.net
1    2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
bat.bing.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
2    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
Domain Requested by
19 d3k0bubvipjfly.cloudfront.net www.balcons.com
2 www.google.de www.balcons.com
2 www.google.com 1 redirects www.balcons.com
2 bat.bing.com www.balcons.com
2 www.google-analytics.com 1 redirects www.balcons.com
2 www.balcons.com 1 redirects
2 balcons.com 2 redirects
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com www.balcons.com
29 11

This site contains links to these domains. Also see Links.

Domain
balcons.com
app.thebookingbutton.com
goo.gl
www.wihphotels.com
Subject Issuer Validity Valid
balcons.com
Let's Encrypt Authority X3		 2019-09-27 -
2019-12-26		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
www.google.de
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
www.google.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.balcons.com/
Frame ID: 5EFB6E9DCFF4BE3B87C339A677B6865B
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://balcons.com/ HTTP 301
    https://balcons.com/ HTTP 301
    http://www.balcons.com/ HTTP 301
    https://www.balcons.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

29
Requests

100 %
HTTPS

80 %
IPv6

9
Domains

11
Subdomains

9
IPs

3
Countries

1027 kB
Transfer

1416 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://balcons.com/ HTTP 301
    https://balcons.com/ HTTP 301
    http://www.balcons.com/ HTTP 301
    https://www.balcons.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=2065535191&t=pageview&_s=1&dl=https%3A%2F%2Fwww.balcons.com%2F&ul=en-us&de=UTF-8&dt=Grand%20Hotel%20des%20Balcons%20%7C%20Cheap%20Hotel%20Latin%20Quarter%20%7C%20OFFICIAL%20SITE&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBACAABB~&jid=1266736692&gjid=118478959&cid=873896407.1570100790&tid=UA-65981375-1&_gid=619213724.1570100790&_r=1&z=162202346 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-65981375-1&cid=873896407.1570100790&jid=1266736692&_gid=619213724.1570100790&gjid=118478959&_v=j79&z=162202346 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-65981375-1&cid=873896407.1570100790&jid=1266736692&_v=j79&z=162202346 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-65981375-1&cid=873896407.1570100790&jid=1266736692&_v=j79&z=162202346&slf_rd=1&random=701865558

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.balcons.com/
Redirect Chain
  • http://balcons.com/
  • https://balcons.com/
  • http://www.balcons.com/
  • https://www.balcons.com/
20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.balcons.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.197.199.175 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-197-199-175.compute-1.amazonaws.com
Software
Apache / PHP/5.6.40
Resource Hash
33854791b731e5137bfcca364832c213ac547ecb4b7ec5e668293e84bfb417b0

Request headers

Host
www.balcons.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 03 Oct 2019 11:06:29 GMT
Server
Apache
X-Powered-By
PHP/5.6.40
Set-Cookie
ln_already_redir=1; expires=Thu, 03-Oct-2019 12:06:29 GMT; Max-Age=3600; path=/; domain=.www.balcons.com engineChoosen=bookengine_manual; expires=Sat, 02-Nov-2019 11:06:29 GMT; Max-Age=2592000; path=/; domain=.www.balcons.com
Cache-Control
max-age=604800, public
Expires
Thu, 10 Oct 2019 11:06:29 GMT
Connection
Keep-Alive, close
Keep-Alive
timeout=2, max=500
Etag
7a3331902edd68138d02742093168a34
Pragma
cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
6270
Content-Type
text/html; charset=utf-8

Redirect headers

Date
Thu, 03 Oct 2019 11:06:28 GMT
Server
Apache
Location
https://www.balcons.com/
Content-Length
232
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
styles.css.76.css
d3k0bubvipjfly.cloudfront.net/assets/ 		90 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3k0bubvipjfly.cloudfront.net/assets/styles.css.76.css
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache / PHP/5.6.40
Resource Hash
8530767a556cb04735d27618423180499ba41d84f248eeed15039a1697a9a763

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
cache
date
Wed, 02 Oct 2019 11:55:13 GMT
content-encoding
gzip
last-modified
Tue, 20 Aug 2019 05:14:08 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
x-powered-by
PHP/5.6.40
etag
3eb11ee941dd3d8189631bb9e0c6dc3a
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=604800, public
x-amz-cf-id
ZoEw27LyPHT-gsLAkTVTWOlumCsuUFLP0-zS5PLMy31aRM6Fg8OW2A==
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
expires
Wed, 09 Oct 2019 11:55:13 GMT
logo.png
d3k0bubvipjfly.cloudfront.net/_img/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3k0bubvipjfly.cloudfront.net/_img/logo.png
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
4f808abb6316d00519b8ad6fe5715923cc4b1e9f99fc8428446cbcbf5316fb92

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 07:00:20 GMT
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2001 00:00:00 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=28598400, public
accept-ranges
bytes
content-length
6537
x-amz-cf-id
5vPXWAyquOvkz5moMoZijjt-UCtFWJHMnlqlvVDmJ8EcgfCfZNuVeQ==
expires
Tue, 31 Mar 2020 07:00:20 GMT
968121-324051_0_0_1500_965_1400_900.rc.jpg
d3k0bubvipjfly.cloudfront.net/_novaimg/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3k0bubvipjfly.cloudfront.net/_novaimg/968121-324051_0_0_1500_965_1400_900.rc.jpg
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
c8dec82c465e9381a0d7ac16a01f347acd7dbd9137fff39f33f631996cca87e2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 12 May 2019 10:13:50 GMT
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2001 00:00:00 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=28598400, public
accept-ranges
bytes
content-length
101526
x-amz-cf-id
MTvVj6d2WlNPMC0oSXusJFxD4TJ_olbo8nRTcmFX6_oquD_uW5aczA==
expires
Tue, 07 Apr 2020 10:13:50 GMT
968101-324101_0_0_1600_1008_650_409.jpg
d3k0bubvipjfly.cloudfront.net/_novaimg/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3k0bubvipjfly.cloudfront.net/_novaimg/968101-324101_0_0_1600_1008_650_409.jpg
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
2880f9f51b03ca50e9542e1cf57fdad2243d743e70b447f998d5c0d1fcee0e87

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 07:00:20 GMT
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2001 00:00:00 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=28598400, public
accept-ranges
bytes
content-length
44271
x-amz-cf-id
AxleObiwx2zAE7ewOsD1A5CTH4QBNrUcNQyliW0L2RuAy_aSgJ9yHQ==
expires
Tue, 31 Mar 2020 07:00:20 GMT
968111-324291_472_250_1128_710_650_409.jpg
d3k0bubvipjfly.cloudfront.net/_novaimg/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3k0bubvipjfly.cloudfront.net/_novaimg/968111-324291_472_250_1128_710_650_409.jpg
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
aad61f8fff251dbe11b021e9beeac1be2c7b8ce314a81867b4ce485ae0c99bd6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 07:00:20 GMT
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2001 00:00:00 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=28598400, public
accept-ranges
bytes
content-length
29206
x-amz-cf-id
7iaKyycXApActxJZPd3C1IJc397VHCtWSH_mLSHtsgCyPlAkl91XKg==
expires
Tue, 31 Mar 2020 07:00:20 GMT
js
www.googletagmanager.com/gtag/ 		69 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-871982017
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d66bd30b9d23ee4c9b48dd6624ff53b095e9f9ec323f344fa657a1b576ea5437
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 11:06:30 GMT
content-encoding
br
last-modified
Thu, 03 Oct 2019 09:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27194
x-xss-protection
0
expires
Thu, 03 Oct 2019 11:06:30 GMT
scripts.js.76.js
d3k0bubvipjfly.cloudfront.net/assets/ 		295 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3k0bubvipjfly.cloudfront.net/assets/scripts.js.76.js
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache / PHP/5.6.40
Resource Hash
2d29f926d077e2ca4e46a7c0a5039a90739aca1be8e0c248fe6055527f07c188

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
cache
date
Wed, 02 Oct 2019 11:55:13 GMT
content-encoding
gzip
last-modified
Tue, 20 Aug 2019 05:14:08 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
x-powered-by
PHP/5.6.40
etag
9218d3a401a7a9f45c9298a71a6823af
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=604800, public
x-amz-cf-id
ogl9ed4l792_BjvmTmT1hRDbMqa00EaaXbOz4SiPSWae3Rikj4BeIw==
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
expires
Wed, 09 Oct 2019 11:55:14 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
3384
date
Thu, 03 Oct 2019 10:10:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Thu, 03 Oct 2019 12:10:06 GMT
body_bg.jpg
d3k0bubvipjfly.cloudfront.net/_img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3k0bubvipjfly.cloudfront.net/_img/body_bg.jpg
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
63985d6f1552f5c37a51937c15d95a961e2ba42cfab65e638fd0d09e6210860f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://d3k0bubvipjfly.cloudfront.net/assets/styles.css.76.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 07:00:21 GMT
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2001 00:00:00 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=28598400, public
accept-ranges
bytes
content-length
2853
x-amz-cf-id
CMw1Ilo8-3U05sXsRPu4WPO0psw61SlV7zNLVKqbqtgYfxYH8QsOmA==
expires
Tue, 31 Mar 2020 07:00:21 GMT
header_bg.jpg
d3k0bubvipjfly.cloudfront.net/_img/ 		735 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3k0bubvipjfly.cloudfront.net/_img/header_bg.jpg
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
ab9cf95e2ee651cd8a40a7a7b738f3a87e08a05be1e5ac08d9f596748891b062

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://d3k0bubvipjfly.cloudfront.net/assets/styles.css.76.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 07:00:21 GMT
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2001 00:00:00 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=28598400, public
accept-ranges
bytes
content-length
735
x-amz-cf-id
f7BwoW3GYjRY02VgVZbLaLTaYhrzwstFiXeSJ3fS16JhOkdZXLJ6Jg==
expires
Tue, 31 Mar 2020 07:00:21 GMT
flags_14_circles_updated.png
d3k0bubvipjfly.cloudfront.net/_img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3k0bubvipjfly.cloudfront.net/_img/flags_14_circles_updated.png
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
c7ffcaeb09bc8ae35b995270025ae634385c850dd8c3bc5b12647876b3f756f7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://d3k0bubvipjfly.cloudfront.net/assets/styles.css.76.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 12 May 2019 10:13:49 GMT
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2001 00:00:00 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=28598400, public
accept-ranges
bytes
content-length
10282
x-amz-cf-id
YKVDoAjELACs-RdWua5ivL2ZWuM2GxQtKEMiJwiY1bDMu9Z60GmaTg==
expires
Tue, 07 Apr 2020 10:13:49 GMT
usp_bg.png
d3k0bubvipjfly.cloudfront.net/_img/ 		96 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3k0bubvipjfly.cloudfront.net/_img/usp_bg.png
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
adfae0f3fb1434625b251575c4137c92f944be664afad5a060d3c3455ce498b7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://d3k0bubvipjfly.cloudfront.net/assets/styles.css.76.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 07:46:31 GMT
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2001 00:00:00 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=28598400, public
accept-ranges
bytes
content-length
96
x-amz-cf-id
2loCUTPW41J3vu22LmwpV_bUR8C-xU0tK7tarxlBKqYJWub0oQt55g==
expires
Tue, 31 Mar 2020 07:46:31 GMT
slider_arrows.png
d3k0bubvipjfly.cloudfront.net/_img/ 		275 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3k0bubvipjfly.cloudfront.net/_img/slider_arrows.png
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
005efa0bbc9f9c74cfaaf2589b01823b9265b5e87a1b14ae2642341d443103da

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://d3k0bubvipjfly.cloudfront.net/assets/styles.css.76.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 07:46:31 GMT
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2001 00:00:00 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=28598400, public
accept-ranges
bytes
content-length
275
x-amz-cf-id
HaY_A3om5piwlIYIBf8nj4RLMU8Ppt9T7m2NLeuMg6j3Lgbtg4yvRw==
expires
Tue, 31 Mar 2020 07:46:31 GMT
museosans-300-webfont.woff
d3k0bubvipjfly.cloudfront.net/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3k0bubvipjfly.cloudfront.net/fonts/museosans-300-webfont.woff
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
356250556f6ba5ed9bff59c3826068598b00d7725ea546cff5644c83b9518ae7

Request headers

Sec-Fetch-Mode
cors
Referer
https://d3k0bubvipjfly.cloudfront.net/assets/styles.css.76.css
Origin
https://www.balcons.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 12 May 2019 10:13:50 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2001 00:00:00 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
status
200
x-cache
Hit from cloudfront
access-control-allow-origin
*
cache-control
max-age=28598400, public
accept-ranges
bytes
content-length
24600
x-amz-cf-id
-VWVbo706Miq8toOvaeLudvp0Vq5xsEppQai-NnJuUkBVOkujsoYVA==
fontello.woff
d3k0bubvipjfly.cloudfront.net/fonts/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3k0bubvipjfly.cloudfront.net/fonts/fontello.woff
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
3235884e97ee041a422bbfa221204faca37b2849ce5ab4d5ff82f02a4dbba8db

Request headers

Sec-Fetch-Mode
cors
Referer
https://d3k0bubvipjfly.cloudfront.net/assets/styles.css.76.css
Origin
https://www.balcons.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 12 May 2019 10:13:50 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2001 00:00:00 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
status
200
x-cache
Hit from cloudfront
access-control-allow-origin
*
cache-control
max-age=28598400, public
accept-ranges
bytes
content-length
6664
x-amz-cf-id
CTfImEaYHhFFFcUVeDy211NJsCpDCS4-qp3LLJFu4Y_rdx7yufZMjA==
asap-regular-webfont.woff
d3k0bubvipjfly.cloudfront.net/fonts/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3k0bubvipjfly.cloudfront.net/fonts/asap-regular-webfont.woff
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
64135e0659889de98635939509cf35910ccff3a9cce1415d9abb1972229aaf45

Request headers

Sec-Fetch-Mode
cors
Referer
https://d3k0bubvipjfly.cloudfront.net/assets/styles.css.76.css
Origin
https://www.balcons.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 12 May 2019 10:13:50 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2001 00:00:00 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
status
200
x-cache
Hit from cloudfront
access-control-allow-origin
*
cache-control
max-age=28598400, public
accept-ranges
bytes
content-length
25768
x-amz-cf-id
EuNUtZeVbRMO-nbsjZ_kotbj2LdsZH5BhjGcOOXZxb0tlzgU3qYz_g==
bat.js
bat.bing.com/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 11:06:29 GMT
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref
Ref A: 5F00C9752A024725BEE2DA76855C8539 Ref B: VIEEDGE0411 Ref C: 2019-10-03T11:06:30Z
status
200
etag
"09c5197968d51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7148
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=2065535191&t=pageview&_s=1&dl=https%3A%2F%2Fwww.balcons.com%2F&ul=en-us&de=UTF-8&dt=Grand%20Hotel%20des%20Balcons%20%7C%20Cheap%20Hotel...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-65981375-1&cid=873896407.1570100790&jid=1266736692&_gid=619213724.1570100790&gjid=118478959&_v=j79&z=162202346
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-65981375-1&cid=873896407.1570100790&jid=1266736692&_v=j79&z=162202346
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-65981375-1&cid=873896407.1570100790&jid=1266736692&_v=j79&z=162202346&slf_rd=1&random=701865558
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-65981375-1&cid=873896407.1570100790&jid=1266736692&_v=j79&z=162202346&slf_rd=1&random=701865558
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Oct 2019 11:06:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Oct 2019 11:06:30 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-65981375-1&cid=873896407.1570100790&jid=1266736692&_v=j79&z=162202346&slf_rd=1&random=701865558
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-871982017
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
cafe /
Resource Hash
a6b5e22c905bbb22ce9e7aad76eeca32474b5ba7c932893d554b0edfddc7f9e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 03 Oct 2019 11:06:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9184
x-xss-protection
0
server
cafe
etag
4597387999763492622
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 03 Oct 2019 11:06:30 GMT
0
bat.bing.com/action/ 		0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=11005668&Ver=2&mid=67a9e842-1ec4-7e15-f586-0e8cac56aebe&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Grand%20Hotel%20des%20Balcons%20%7C%20Cheap%20Hotel%20Latin%20Quarter%20%7C%20OFFICIAL%20SITE&p=https%3A%2F%2Fwww.balcons.com%2F&r=&lt=1978&evt=pageLoad&msclkid=N&rn=71988
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Thu, 03 Oct 2019 11:06:29 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: B6A60A66D1C34C2497B7E53F073B9E9B Ref B: VIEEDGE0411 Ref C: 2019-10-03T11:06:30Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/871982017/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/871982017/?random=1570100790118&cv=9&fst=1570100790118&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9p0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.balcons.com%2F&tiba=Grand%20Hotel%20des%20Balcons%20%7C%20Cheap%20Hotel%20Latin%20Quarter%20%7C%20OFFICIAL%20SITE&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
f70f3812b432f3e0f529d4c02ded21ba354a8d36b585de3e054541c0a0277ab0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Oct 2019 11:06:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
985
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/871982017/ 		42 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/871982017/?random=1570100790118&cv=9&fst=1570100400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.balcons.com%2F&tiba=Grand%20Hotel%20des%20Balcons%20%7C%20Cheap%20Hotel%20Latin%20Quarter%20%7C%20OFFICIAL%20SITE&async=1&fmt=3&is_vtc=1&random=3149034257&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Oct 2019 11:06:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/871982017/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/871982017/?random=1570100790118&cv=9&fst=1570100400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9p0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.balcons.com%2F&tiba=Grand%20Hotel%20des%20Balcons%20%7C%20Cheap%20Hotel%20Latin%20Quarter%20%7C%20OFFICIAL%20SITE&async=1&fmt=3&is_vtc=1&random=3149034257&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.balcons.com
URL: https://www.balcons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Oct 2019 11:06:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1685651-570751_0_0_1600_1029_1400_900.rc.jpg
d3k0bubvipjfly.cloudfront.net/_novaimg/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3k0bubvipjfly.cloudfront.net/_novaimg/1685651-570751_0_0_1600_1029_1400_900.rc.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
4d5d2cdaad7997d3dbc2254b717ce6edcc0cbf37c2f33b089854c7dd5d50fdae

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 12 May 2019 10:13:52 GMT
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2001 00:00:00 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=28598400, public
accept-ranges
bytes
content-length
138420
x-amz-cf-id
bI-LGSXSJ1K2iIhC5YOTp9fYK7CPmbKPxjcb-rs_pQfLZ5kVKRafNA==
expires
Tue, 07 Apr 2020 10:13:52 GMT
968191-324061_0_35_1500_965_1400_900.rc.jpg
d3k0bubvipjfly.cloudfront.net/_novaimg/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3k0bubvipjfly.cloudfront.net/_novaimg/968191-324061_0_35_1500_965_1400_900.rc.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
2b994fb839835861c3b06ed9bd6c72a711293dd6d7d248494ead2dd313dc4038

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 07:00:23 GMT
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2001 00:00:00 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=28598400, public
accept-ranges
bytes
content-length
88050
x-amz-cf-id
IqcKaKuAoe70CEgOf8CjDzIHBF48Z1tz1G4q2QGyZy264mtkGmLf5Q==
expires
Tue, 31 Mar 2020 07:00:23 GMT
1685661-570791_0_353_1600_1029_1400_900.rc.jpg
d3k0bubvipjfly.cloudfront.net/_novaimg/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3k0bubvipjfly.cloudfront.net/_novaimg/1685661-570791_0_353_1600_1029_1400_900.rc.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
3599c302c15edc82f1f458129cfe3a788c6f41e093f19d3b03b94573ad445dc9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 12 May 2019 10:13:53 GMT
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2001 00:00:00 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=28598400, public
accept-ranges
bytes
content-length
135001
x-amz-cf-id
hkpRVQ9p5lQq2XaL4Pu_gIFz0dkha31fcgHgyTV56YVrWrMPMrfFZQ==
expires
Tue, 07 Apr 2020 10:13:53 GMT
968201-324071_0_35_1500_965_1400_900.rc.jpg
d3k0bubvipjfly.cloudfront.net/_novaimg/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3k0bubvipjfly.cloudfront.net/_novaimg/968201-324071_0_35_1500_965_1400_900.rc.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
ee9da5bcc9c10bbac50287313525456bec7d73144ec9959c30316e6acbc654cf

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 07:00:24 GMT
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2001 00:00:00 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=28598400, public
accept-ranges
bytes
content-length
96067
x-amz-cf-id
l-Ku2PHM8gFKCSPocAnjlWfUrQPs0ilgABmwLy9BAEUtordSFtpqyw==
expires
Tue, 31 Mar 2020 07:00:24 GMT
1685641-570781_29_0_1571_1010_1400_900.rc.jpg
d3k0bubvipjfly.cloudfront.net/_novaimg/ 		156 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3k0bubvipjfly.cloudfront.net/_novaimg/1685641-570781_29_0_1571_1010_1400_900.rc.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4600:1f:d1f1:b180:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
b451b5655803c80da405c551dfb7684889cafc4ce3b39ce84619eb9ca25398cc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.balcons.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 07:00:25 GMT
via
1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
last-modified
Tue, 31 Aug 2001 00:00:00 GMT
server
Apache
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=28598400, public
accept-ranges
bytes
content-length
159809
x-amz-cf-id
6tg6RafD911I7BF4IrfaY6hpWiw3HLJezKrwfLf3gKzMUm-uC7E4dA==
expires
Tue, 31 Mar 2020 07:00:25 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| pload object| pnl function| $$ object| pnla function| $$$ string| GoogleAnalyticsObject function| ga function| novajsloader function| gtag object| dataLayer object| uetq object| nova_post2js function| getbyclass object| tohide object| google_tag_manager object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| dialogv2 object| dialogmaster function| nova_utility object| nova_utils function| novautils_pulsarPreload object| novarefhidden function| fadeInAfterLoad function| asrc_sequenceload function| novahtmlslider function| novahtmlslider_easyconfig function| novaMontage function| novahover function| nova_imagelistfader function| novabox function| convertggmap function| sendMyMail function| hightlit2 function| fadeOutFadeInThanks2 string| META_SHARED_URL function| loadAdditive function| loadcss2 function| pulsarPreload function| novacmsmode string| G_TLD_LIST function| parseUri function| is_empty function| get_domain_tld function| wihp_get_domain function| formatMoney function| class_gdpr object| wihp_ga_event_tracking function| $ function| jQuery function| DP_jQuery_1570100790085 object| jQuery171009735804886842359 object| classgdpr function| UET function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO boolean| _pulsarDocLoad number| useLeft number| useWidth object| slideObj number| maxzoom_width number| maxzoom_height number| $newHeight number| ecommerce_customlinks object| novacmsadm

5 Cookies

Domain/Path Name / Value
.balcons.com/ Name: _gat
Value: 1
.balcons.com/ Name: _gid
Value: GA1.2.619213724.1570100790
.balcons.com/ Name: _ga
Value: GA1.2.873896407.1570100790
.www.balcons.com/ Name: engineChoosen
Value: bookengine_manual
.www.balcons.com/ Name: ln_already_redir
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

balcons.com
bat.bing.com
d3k0bubvipjfly.cloudfront.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
www.balcons.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
216.58.205.226
2600:9000:2156:4600:1f:d1f1:b180:21
2620:1ec:c11::200
2a00:1450:4001:800::2004
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2008
2a00:1450:4001:818::2002
2a00:1450:4001:81c::2003
2a00:1450:400c:c00::9a
34.197.199.175
005efa0bbc9f9c74cfaaf2589b01823b9265b5e87a1b14ae2642341d443103da
2880f9f51b03ca50e9542e1cf57fdad2243d743e70b447f998d5c0d1fcee0e87
2b994fb839835861c3b06ed9bd6c72a711293dd6d7d248494ead2dd313dc4038
2d29f926d077e2ca4e46a7c0a5039a90739aca1be8e0c248fe6055527f07c188
3235884e97ee041a422bbfa221204faca37b2849ce5ab4d5ff82f02a4dbba8db
33854791b731e5137bfcca364832c213ac547ecb4b7ec5e668293e84bfb417b0
356250556f6ba5ed9bff59c3826068598b00d7725ea546cff5644c83b9518ae7
3599c302c15edc82f1f458129cfe3a788c6f41e093f19d3b03b94573ad445dc9
4d5d2cdaad7997d3dbc2254b717ce6edcc0cbf37c2f33b089854c7dd5d50fdae
4f808abb6316d00519b8ad6fe5715923cc4b1e9f99fc8428446cbcbf5316fb92
63985d6f1552f5c37a51937c15d95a961e2ba42cfab65e638fd0d09e6210860f
64135e0659889de98635939509cf35910ccff3a9cce1415d9abb1972229aaf45
8530767a556cb04735d27618423180499ba41d84f248eeed15039a1697a9a763
a6b5e22c905bbb22ce9e7aad76eeca32474b5ba7c932893d554b0edfddc7f9e2
aad61f8fff251dbe11b021e9beeac1be2c7b8ce314a81867b4ce485ae0c99bd6
ab9cf95e2ee651cd8a40a7a7b738f3a87e08a05be1e5ac08d9f596748891b062
adfae0f3fb1434625b251575c4137c92f944be664afad5a060d3c3455ce498b7
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b451b5655803c80da405c551dfb7684889cafc4ce3b39ce84619eb9ca25398cc
c7ffcaeb09bc8ae35b995270025ae634385c850dd8c3bc5b12647876b3f756f7
c8dec82c465e9381a0d7ac16a01f347acd7dbd9137fff39f33f631996cca87e2
d66bd30b9d23ee4c9b48dd6624ff53b095e9f9ec323f344fa657a1b576ea5437
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee9da5bcc9c10bbac50287313525456bec7d73144ec9959c30316e6acbc654cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f70f3812b432f3e0f529d4c02ded21ba354a8d36b585de3e054541c0a0277ab0