www.hotairballoonrides.com Open in urlscan Pro
199.250.222.174 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hotairballonrides.com/
Effective URL:
https://www.hotairballoonrides.com/
Submission: On November 29 via api (November 29th 2024, 5:38:05 pm UTC) from US — Scanned from US

Summary HTTP 66 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 13 IPs in 1 countries across 13 domains to perform 66 HTTP transactions. The main IP is 199.250.222.174, located in United States and belongs to IMH-IAD, US. The main domain is www.hotairballoonrides.com.
TLS certificate: Issued by R10 on November 13th 2024. Valid for: 3 months.

This is the only time www.hotairballoonrides.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.225.128 15.197.225.128	16509 (AMAZON-02) (AMAZON-02)
38	199.250.222.174 199.250.222.174	54641 (IMH-IAD) (IMH-IAD)
2	2607:f8b0:400... 2607:f8b0:4004:c17::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
4	151.101.130.40 151.101.130.40	54113 (FASTLY) (FASTLY)
1 3	151.101.2.83 151.101.2.83	54113 (FASTLY) (FASTLY)
7	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	108.181.19.107 108.181.19.107	40676 (AS40676) (AS40676)
1	172.96.166.74 172.96.166.74	63018 (DEDICATED) (DEDICATED)
1	2607:f8b0:400... 2607:f8b0:4004:c21::5d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::68	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c1d::5e	15169 (GOOGLE) (GOOGLE)
1	151.101.66.83 151.101.66.83	54113 (FASTLY) (FASTLY)
66	13

1 15.197.225.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

hotairballonrides.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 199.250.222.174 (United States)

ASN54641 (IMH-IAD, US)
PTR: ded2609.inmotionhosting.com

www.hotairballoonrides.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.130.40 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.tripadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.83 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

www.jscache.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.tacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.181.19.107 (Los Angeles, United States) 1 redirects

ASN40676 (AS40676, US)

bookeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.96.166.74 (New York, United States)

ASN63018 (DEDICATED, US)

www-14p.bookeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c21::5d (Washington, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::68 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.83 (San Francisco, United States)

ASN54113 (FASTLY, US)

static.tacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	hotairballoonrides.com www.hotairballoonrides.com	2 MB
7	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4382	31 KB
4	gstatic.com fonts.gstatic.com	71 KB
4	tripadvisor.com www.tripadvisor.com — Cisco Umbrella Rank: 11553	12 KB
3	tacdn.com static.tacdn.com — Cisco Umbrella Rank: 14541	37 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
2	bookeo.com 1 redirects bookeo.com — Cisco Umbrella Rank: 169638 www-14p.bookeo.com	201 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	175 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 79
1	jscache.com 1 redirects www.jscache.com — Cisco Umbrella Rank: 22868	841 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
1	hotairballonrides.com 1 redirects hotairballonrides.com	309 B
66	13

	Domain	Requested by
38	www.hotairballoonrides.com	www.hotairballoonrides.com
7	static.addtoany.com	www.hotairballoonrides.com static.addtoany.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.tripadvisor.com	www.hotairballoonrides.com www.jscache.com
3	static.tacdn.com	www.tripadvisor.com static.tacdn.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.hotairballoonrides.com www.googletagmanager.com
1	www.google.com	www.hotairballoonrides.com
1	www.youtube.com	www.hotairballoonrides.com
1	www-14p.bookeo.com	www.hotairballoonrides.com
1	bookeo.com	1 redirects
1	www.jscache.com	1 redirects
1	fonts.googleapis.com	www.hotairballoonrides.com
1	hotairballonrides.com	1 redirects
66	14

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.pinterest.com
www.instagram.com
www.tripadvisor.com
bookeo.com
www.google.com
www.addtoany.com
foursquare.com
www.yelp.com
balloonridepros.com
www.archmorebusinessweb.com

Subject Issuer	Validity	Valid
hotairballoonrides.com R10	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
www.tripadvisor.com GlobalSign RSA OV SSL CA 2018	`2024-05-23` - `2025-06-24`	a year	crt.sh
static.addtoany.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
*.bookeo.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-04` - `2025-03-09`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
static.tacdn.com GlobalSign RSA OV SSL CA 2018	`2024-02-23` - `2025-03-26`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.hotairballoonrides.com/
Frame ID: 897209D92BCD8F2DD809D098D9C730DF
Requests: 61 HTTP requests in this frame

Frame: https://www-14p.bookeo.com/bookeo/reviews_list.html?aguid=213XU9CUK13C255A3AA9&ctlsrc2=U1BuESfaVEPdSoUtTtzWdc0ZRwA1aiiF2Vq%2F4Tcr5GU%3D&src=03v&rows=4&columns=2
Frame ID: 98EFDFFBF29849911CA31A5197E575ED
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/pNUD_atNylE
Frame ID: 3E5067F226C5B05E6FD12FB2403D6207
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3080.6407515757655!2d-84.25592068463311!3d39.454851079488506!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8840ed875b35d3bb%3A0x45b0fde7717499e5!2sGentle+Breeze+Hot+Air+Balloon+Company%2C+Ltd!5e0!3m2!1sen!2sus!4v1548360886246
Frame ID: AFC75AF65325FDCAB19E0DE182C91AB6
Requests: 1 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 65D79F988B043D6E91D4ACB0CE5E1A75
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to Gentle Breeze Hot Air Balloon Rides - Gentle Breeze Hot Air Ballooon Rides

Page URL History Show full URLs

https://hotairballonrides.com/ HTTP 301
http://www.hotairballoonrides.com/ HTTP 307
https://www.hotairballoonrides.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Tripadviser.Widget (Widgets) Expand

Overall confidence: 100%
Detected patterns

tripadvisor\.[\w]+/WidgetEmbed

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

66
Requests

97 %
HTTPS

50 %
IPv6

13
Domains

14
Subdomains

13
IPs

1
Countries

2501 kB
Transfer

8219 kB
Size

8
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/HotAirBalloonRides

Search URL Search Domain Scan URL

URL: https://twitter.com/balloonrides

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/HotAirBalloonRidesCo

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/GBHABrides/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gentlebreeze.hotairballoon

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com/Attraction_Review-g50541-d4368334-Reviews-Gentle_Breeze_Hot_Air_Balloons-Lebanon_Ohio.html

Search URL Search Domain Scan URL

URL: https://bookeo.com/hotairballoonrides?category=21343XFTJ13C255E0953
Title: Schedule Now!

Search URL Search Domain Scan URL

URL: https://bookeo.com/hotairballoonrides?type=213WLAF6Y13DC8F83781
Title: PRIVATE Rides

Search URL Search Domain Scan URL

URL: https://bookeo.com/hotairballoonrides?type=213LC9XTJ13E6CAA278E
Title: STANDARD Rides

Search URL Search Domain Scan URL

URL: https://bookeo.com/hotairballoonrides?type=2136EJJ3L13C255E0956
Title: SHARED Rides

Search URL Search Domain Scan URL

URL: https://bookeo.com/go/213XU9CUK13C255A3AA9/buyvoucher
Title: Gift Vouchers

Search URL Search Domain Scan URL

URL: https://bookeo.com/go/213XU9CUK13C255A3AA9/voucher
Title: Redeem Gift Voucher

Search URL Search Domain Scan URL

URL: https://bookeo.com/hotairballoonrides/customer
Title: Login

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com/

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com/UserReview-g50541-d4368334-Gentle_Breeze_Hot_Air_Balloons-Lebanon_Ohio.html
Title: Write a review

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//Gentle+Breeze+Hot+Air+Balloon+Company,+Ltd,+2460+Greentree+Rd,+Lebanon,+OH+45036/@39.4548511,-84.2559207,17z/data=!4m8!4m7!1m0!1m5!1m1!1s0x8840ed875b35d3bb:0x45b0fde7717499e5!2m2!1d-84.253732!2d39.4548511
Title: Get Directions to Gentle Breeze Hot Air Balloon Co.

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fwww.hotairballoonrides.com%2F&title=Welcome%20to%20Gentle%20Breeze%20Hot%20Air%20Balloon%20Rides%20-%20Gentle%20Breeze%20Hot%20Air%20Ballooon%20Rides
Title: Share

Search URL Search Domain Scan URL

URL: https://foursquare.com/v/gentle-breeze-hot-air-balloon-company-ltd/4e3bc41d8877b00cfc2fc036
Title: Foursquare

Search URL Search Domain Scan URL

URL: https://www.yelp.com/biz/gentle-breeze-hot-air-balloon-company-lebanon-2
Title: Yelp

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gentlebreeze.hotairballoon/
Title: Instagram

Search URL Search Domain Scan URL

URL: http://balloonridepros.com/

Search URL Search Domain Scan URL

URL: https://www.archmorebusinessweb.com/
Title: Website designed by Archmore Business Web

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hotairballonrides.com/ HTTP 301
http://www.hotairballoonrides.com/ HTTP 307
https://www.hotairballoonrides.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://www.jscache.com/wejs?wtype=selfserveprop&uniq=327&locationId=4368334&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2 HTTP 301
https://www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=327&locationId=4368334&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2

Request Chain 34

https://bookeo.com/hotairballoonrides/reviews?rows=4&columns=2 HTTP 302
https://www-14p.bookeo.com/bookeo/reviews_list.html?aguid=213XU9CUK13C255A3AA9&ctlsrc2=U1BuESfaVEPdSoUtTtzWdc0ZRwA1aiiF2Vq%2F4Tcr5GU%3D&src=03v&rows=4&columns=2

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.hotairballoonrides.com/
Redirect Chain

https://hotairballonrides.com/
http://www.hotairballoonrides.com/
https://www.hotairballoonrides.com/

122 KB
123 KB

1067ms
709ms

Document
text/html

199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

1124c550a8d975b2ddcbb39dc2f7ac42b112082124fa117813a16fa30a87a792

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000 max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 29 Nov 2024 17:37:48 GMT
Keep-Alive: timeout=5, max=100
Link: <https://www.hotairballoonrides.com/wp-json/>; rel="https://api.w.org/", <https://www.hotairballoonrides.com/wp-json/wp/v2/pages/6>; rel="alternate"; title="JSON"; type="application/json", <https://www.hotairballoonrides.com/>; rel=shortlink
Referrer-Policy: same-origin
Server: Apache
Strict-Transport-Security: max-age=63072000 max-age=31536000
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block;

Redirect headers

Location: https://www.hotairballoonrides.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 234ms
77ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-139882029-1

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

158b193366018e086e1f3ca1faf6d1972fe9c23d83884713750c287b3ebff928

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 29 Nov 2024 17:37:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 17:37:48 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 29 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81606
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK style.min.css
www.hotairballoonrides.com/wp-includes/css/dist/block-library/ 112 KB
112 KB 60ms
43ms Stylesheet
text/css 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-includes/css/dist/block-library/style.min.css?ver=5bddee8f17e17188e715f5499f7110ea

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 114706
Keep-Alive: timeout=5, max=99
Date: Fri, 29 Nov 2024 17:37:48 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Wed, 13 Nov 2024 15:22:48 GMT
Content-Type: text/css
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK be.css
www.hotairballoonrides.com/wp-content/themes/betheme/css/ 470 KB
471 KB 121ms
35ms Stylesheet
text/css 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/themes/betheme/css/be.css?ver=27.5.13

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

d8c9ece213e8e2c9802ede1c303b133bdece7af8aea682d44d2887966366a9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 481715
Keep-Alive: timeout=5, max=100
Date: Fri, 29 Nov 2024 17:37:48 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 18 Nov 2024 08:44:10 GMT
Content-Type: text/css
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK animations.min.css
www.hotairballoonrides.com/wp-content/themes/betheme/assets/animations/ 58 KB
58 KB 142ms
52ms Stylesheet
text/css 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=27.5.13

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

622a07604bb0030ba7094f0f1dcb5d1e9080164fd6ba4071a73452802378b55b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 59453
Keep-Alive: timeout=5, max=100
Date: Fri, 29 Nov 2024 17:37:48 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 18 Nov 2024 08:44:10 GMT
Content-Type: text/css
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK fontawesome.css
www.hotairballoonrides.com/wp-content/themes/betheme/fonts/fontawesome/ 59 KB
60 KB 140ms
50ms Stylesheet
text/css 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=27.5.13

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

6a8f55d140604ca7fed7724ee5d45c06d445673636211543d30959c317a98a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 60701
Keep-Alive: timeout=5, max=100
Date: Fri, 29 Nov 2024 17:37:48 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 18 Nov 2024 08:44:10 GMT
Content-Type: text/css
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK jplayer.blue.monday.min.css
www.hotairballoonrides.com/wp-content/themes/betheme/assets/jplayer/css/ 9 KB
10 KB 139ms
47ms Stylesheet
text/css 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min.css?ver=27.5.13

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

10f8e5f272c9ae8c8271ab51d7310aaf9c9bed694104dbe6ff10d99849d19ab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 9711
Keep-Alive: timeout=5, max=100
Date: Fri, 29 Nov 2024 17:37:48 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 18 Nov 2024 08:44:10 GMT
Content-Type: text/css
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK responsive.css
www.hotairballoonrides.com/wp-content/themes/betheme/css/ 67 KB
67 KB 145ms
53ms Stylesheet
text/css 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/themes/betheme/css/responsive.css?ver=27.5.13

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

eddbcbc672aeb7244efe5fae67ab6eddfa9ff135809dd9efb3457e6cf52afc0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 68628
Keep-Alive: timeout=5, max=100
Date: Fri, 29 Nov 2024 17:37:48 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 18 Nov 2024 08:44:10 GMT
Content-Type: text/css
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H2 200 css
fonts.googleapis.com/ 38 KB
3 KB 194ms
65ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CBubblegum+Sans%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=5bddee8f17e17188e715f5499f7110ea

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5560c17a29221d5c73ce1a8381a5d779db582135db50fbb9da5601fa49cf390f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 17:37:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 17:37:48 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 29 Nov 2024 17:37:48 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK masterslider.main.css
www.hotairballoonrides.com/wp-content/plugins/master-slider/public/assets/css/ 63 KB
64 KB 158ms
55ms Stylesheet
text/css 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/plugins/master-slider/public/assets/css/masterslider.main.css?ver=3.10.0

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

e676146b17d887b78bab90f2f65858958bef9f0b25aa2b89a95d300a4c072748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 64689
Keep-Alive: timeout=5, max=98
Date: Fri, 29 Nov 2024 17:37:48 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Tue, 20 Aug 2024 18:37:20 GMT
Content-Type: text/css
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK custom.css
www.hotairballoonrides.com/wp-content/uploads/master-slider/ 1 KB
1 KB 210ms
48ms Stylesheet
text/css 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/uploads/master-slider/custom.css?ver=6

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

690aab4743662ad84513d24193d23fab79279bba2996a1e4f3933d5ebe17c404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 1054
Keep-Alive: timeout=5, max=99
Date: Fri, 29 Nov 2024 17:37:48 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Wed, 25 Sep 2024 18:48:06 GMT
Content-Type: text/css
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK jquery.min.js Show response
www.hotairballoonrides.com/wp-includes/js/jquery/ 86 KB
86 KB 292ms
97ms Script
text/javascript 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 87553
Keep-Alive: timeout=5, max=99
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Tue, 29 Aug 2023 03:14:24 GMT
Content-Type: text/javascript
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.hotairballoonrides.com/wp-includes/js/jquery/ 13 KB
14 KB 303ms
115ms Script
text/javascript 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 13577
Keep-Alive: timeout=5, max=99
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Fri, 09 Jun 2023 15:49:24 GMT
Content-Type: text/javascript
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK GentleBreeze-Logo-1.png
www.hotairballoonrides.com/wp-content/uploads/ 88 KB
88 KB 86ms
85ms Image
image/png 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hotairballoonrides.com/wp-content/uploads/GentleBreeze-Logo-1.png

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

285f3976bba66e59ee3acf9b5efed9d33f5f2f4a5b91cf55512f8c78f6b4a95e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 90029
Keep-Alive: timeout=5, max=99
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Thu, 11 Apr 2019 14:00:58 GMT
Content-Type: image/png
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK gentle-breeze-video-standin.jpg
www.hotairballoonrides.com/wp-content/uploads/ 45 KB
45 KB 115ms
114ms Image
image/jpeg 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hotairballoonrides.com/wp-content/uploads/gentle-breeze-video-standin.jpg

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

d5c9ad7e71b368a2378dc92bdb901abe6ba530c78a2c9a8414000599e4536a55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 46084
Keep-Alive: timeout=5, max=98
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Thu, 11 Apr 2019 14:00:28 GMT
Content-Type: image/jpeg
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK Shared-Image.jpg
www.hotairballoonrides.com/wp-content/uploads/ 161 KB
161 KB 63ms
49ms Image
image/jpeg 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hotairballoonrides.com/wp-content/uploads/Shared-Image.jpg

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

958c6f5ef24a1c60d3ad150a3839661b99ee2e5b5697fa5a7fa482df81e63aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 164922
Keep-Alive: timeout=5, max=97
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Wed, 24 Apr 2019 03:40:10 GMT
Content-Type: image/jpeg
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK DSCN2706.JPG.jpg
www.hotairballoonrides.com/wp-content/uploads/ 62 KB
63 KB 64ms
50ms Image
image/jpeg 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hotairballoonrides.com/wp-content/uploads/DSCN2706.JPG.jpg

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

a6bc1637dff5f1b09f1936a4d9567fea63c73e24bc2a73943cbac0e016dbace2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 63852
Keep-Alive: timeout=5, max=95
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Wed, 24 Apr 2019 04:15:08 GMT
Content-Type: image/jpeg
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H2 200 150_logo-11900-2.png
www.tripadvisor.com/img/cdsi/img2/branding/ 2 KB
3 KB 280ms
43ms Image
image/png 151.101.130.40
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripadvisor.com/img/cdsi/img2/branding/150_logo-11900-2.png
Requested by: Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 0170ac187ee3fb6bd4f2b84c6e49a54cab9700d7773e2e1423dc01b4fc562f95

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: e6cf3b14-40fa-47ce-ac56-e50541eb97be
cache-control: private, max-age=43200
timing-allow-origin: https://www.tripadvisor.com
x-timer: S1732901869.459370,VS0,VE20
via: 1.1 varnish
expires: Sat, 30 Nov 2024 05:37:49 GMT
accept-ranges: bytes
x-cache: MISS
date: Fri, 29 Nov 2024 17:37:49 GMT
content-type: image/png
x-served-by: cache-ewr-kewr1740020-EWR
server: envoy
x-cache-hits: 0

GET
H2

200

wejs Show response
www.tripadvisor.com/
Redirect Chain

https://www.jscache.com/wejs?wtype=selfserveprop&uniq=327&locationId=4368334&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2
https://www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=327&locationId=4368334&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2

337 B
727 B

63ms
52ms

Script
application/x-javascript

151.101.130.40
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=327&locationId=4368334&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2
Requested by: Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/
Protocol: H2
Server: 151.101.130.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 30a724fd160abc261b47634b475945b5d1979ab40c9e7093d4af0dd287b77c26

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: 903d65c7-2f58-4e37-8315-350102214a62
content-encoding: br
expires: 0
x-cache: MISS
date: Fri, 29 Nov 2024 17:37:49 GMT
content-type: application/x-javascript;charset=UTF-8
x-served-by: cache-ewr-kewr1740020-EWR
x-cache-hits: 0
vary: Accept-Encoding
cache-control: no-cache,no-store,must-revalidate
timing-allow-origin: https://www.tripadvisor.com
pragma: no-cache
x-timer: S1732901870.598928,VS0,VE28
via: 1.1 varnish
accept-ranges: bytes
server: envoy

Redirect headers

x-request-id: 6983d92c-9271-4c70-9246-486a77f24798
cache-control: no-cache,no-store,must-revalidate
location: https://www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=327&locationId=4368334&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2
timing-allow-origin: https://www.tripadvisor.com
pragma: no-cache
x-timer: S1732901869.378222,VS0,VE18
via: 1.1 varnish
expires: 0
accept-ranges: bytes
x-cache: MISS
content-length: 0
date: Fri, 29 Nov 2024 17:37:49 GMT
x-served-by: cache-ewr-kewr1740070-EWR
server: envoy
x-cache-hits: 0

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 236ms
82ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2471f4232ccca845a9da8b10e5be81e7323faa5891b9715f425661505f183434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"3ae23968c16ec39faa9f97db5ea5195b"
age: 20137
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8plQ03b0EPNHfzqdnivOCtXJ%2BVjlqIsU6nd%2FDnhEvGJAYWwHRyBrO6Pn2YNLetlVnDeF2lM5qDo42F6KNyUngdY1YaC3%2Fqq5AF3Q4Nfg0h0Ts4lzYnVec%2FMYoolF7yVqq1CsEQmW"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Fri, 29 Nov 2024 17:37:49 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400, stale-while-revalidate=30, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ea45e2baae48c3f-EWR
access-control-allow-origin: *
server: cloudflare

GET
H/1.1 200
OK pro-ride-operators-logo.png
www.hotairballoonrides.com/wp-content/uploads/ 97 KB
97 KB 58ms
46ms Image
image/png 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hotairballoonrides.com/wp-content/uploads/pro-ride-operators-logo.png

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

249910f1f5ed4ca50e6c12b06088cf4b73d2eac5735889cd1e478a6b7a8ceb65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 99090
Keep-Alive: timeout=5, max=96
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Thu, 09 May 2019 13:01:48 GMT
Content-Type: image/png
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK trip-advisor-coe2016.png
www.hotairballoonrides.com/wp-content/uploads/ 64 KB
65 KB 272ms
40ms Image
image/png 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hotairballoonrides.com/wp-content/uploads/trip-advisor-coe2016.png

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

5fa8f975dc6cf87993574de6ae458728386f92f66880726956accedd736173d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 65942
Keep-Alive: timeout=5, max=96
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Thu, 09 May 2019 13:17:15 GMT
Content-Type: image/png
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK post-6.css
www.hotairballoonrides.com/wp-content/uploads/betheme/css/ 0
409 B 37ms
34ms Stylesheet
text/css 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/uploads/betheme/css/post-6.css?ver=1732901868

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=98
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Wed, 13 Nov 2024 21:58:19 GMT
Content-Type: text/css
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK core.min.js Show response
www.hotairballoonrides.com/wp-includes/js/jquery/ui/ 21 KB
21 KB 39ms
37ms Script
text/javascript 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 21464
Keep-Alive: timeout=5, max=97
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Tue, 16 Jul 2024 18:33:14 GMT
Content-Type: text/javascript
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK tabs.min.js Show response
www.hotairballoonrides.com/wp-includes/js/jquery/ui/ 12 KB
12 KB 53ms
52ms Script
text/javascript 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.3

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

a1ac109fb0da76a03eb39daecb548806675cda9793ad6bce4621c651746de08f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 12008
Keep-Alive: timeout=5, max=97
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Tue, 16 Jul 2024 18:33:14 GMT
Content-Type: text/javascript
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK debouncedresize.min.js Show response
www.hotairballoonrides.com/wp-content/themes/betheme/js/plugins/ 472 B
890 B 62ms
57ms Script
text/javascript 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/themes/betheme/js/plugins/debouncedresize.min.js?ver=27.5.13

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

7c5a0e187e68ccbf13dafd079e2c46c7917cc60b6959e5a881da324958f34d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 472
Keep-Alive: timeout=5, max=99
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 18 Nov 2024 08:44:09 GMT
Content-Type: text/javascript
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK magnificpopup.min.js Show response
www.hotairballoonrides.com/wp-content/themes/betheme/js/plugins/ 20 KB
20 KB 63ms
60ms Script
text/javascript 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/themes/betheme/js/plugins/magnificpopup.min.js?ver=27.5.13

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

82705acbecdd84306ce33e08f576eca6a688896895e6e48d1c36a4071fcba14e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 20240
Keep-Alive: timeout=5, max=98
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 18 Nov 2024 08:44:09 GMT
Content-Type: text/javascript
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK menu.js Show response
www.hotairballoonrides.com/wp-content/themes/betheme/js/ 3 KB
3 KB 64ms
60ms Script
text/javascript 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/themes/betheme/js/menu.js?ver=27.5.13

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

e31562bbd4b9f377eec9662b440b0c1262ff73f7e85c3a6e3639635e4516013f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 2859
Keep-Alive: timeout=5, max=98
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 18 Nov 2024 08:44:09 GMT
Content-Type: text/javascript
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK visible.min.js Show response
www.hotairballoonrides.com/wp-content/themes/betheme/js/plugins/ 608 B
1 KB 62ms
56ms Script
text/javascript 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/themes/betheme/js/plugins/visible.min.js?ver=27.5.13

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

8ecf312a51fd23a6d2258191745ab900d7f393a4633515e0df6305cde42b1a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 608
Keep-Alive: timeout=5, max=97
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 18 Nov 2024 08:44:09 GMT
Content-Type: text/javascript
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK animations.min.js Show response
www.hotairballoonrides.com/wp-content/themes/betheme/assets/animations/ 2 KB
2 KB 47ms
40ms Script
text/javascript 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=27.5.13

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

aeae8ba7d9c8ee997a8ddb5f5ec82381ed7851b750e4d1f466a1f19fad7a8462

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 1830
Keep-Alive: timeout=5, max=98
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 18 Nov 2024 08:44:10 GMT
Content-Type: text/javascript
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK jplayer.min.js Show response
www.hotairballoonrides.com/wp-content/themes/betheme/assets/jplayer/ 51 KB
52 KB 49ms
41ms Script
text/javascript 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=27.5.13

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

6e6c69ba30da65996fe5cfd06a9248ad71966d7f05781b646d87358a7e202511

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 52577
Keep-Alive: timeout=5, max=96
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 18 Nov 2024 08:44:10 GMT
Content-Type: text/javascript
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK enllax.min.js Show response
www.hotairballoonrides.com/wp-content/themes/betheme/js/plugins/ 2 KB
2 KB 46ms
38ms Script
text/javascript 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/themes/betheme/js/plugins/enllax.min.js?ver=27.5.13

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

c24a7908e8bccfb36947de91ab342f33f1c966b31f50ed1fb83d9d8b3d579a1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 1540
Keep-Alive: timeout=5, max=96
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 18 Nov 2024 08:44:09 GMT
Content-Type: text/javascript
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK translate3d.js Show response
www.hotairballoonrides.com/wp-content/themes/betheme/js/parallax/ 4 KB
5 KB 63ms
52ms Script
text/javascript 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=27.5.13

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

46b72bb79ade4d97302ba48a4ddc457f85a830381bd38a95156bd5a52533324b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 4193
Keep-Alive: timeout=5, max=97
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 18 Nov 2024 08:44:09 GMT
Content-Type: text/javascript
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK scripts.js Show response
www.hotairballoonrides.com/wp-content/themes/betheme/js/ 153 KB
154 KB 42ms
37ms Script
text/javascript 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/themes/betheme/js/scripts.js?ver=27.5.13

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

685048a4acb6f77e870b8c054d08d458856320e35714d775dea489c0f29d36ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 157125
Keep-Alive: timeout=5, max=96
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 18 Nov 2024 08:44:09 GMT
Content-Type: text/javascript
Server: Apache
X-Frame-Options: SAMEORIGIN

GET a24934f5-24af-418a-aeec-29330308d7d2
https://www.hotairballoonrides.com/ Frame 0
0

GET
H/1.1

200
OK

reviews_list.html
www-14p.bookeo.com/bookeo/ Frame 98EF
Redirect Chain

https://bookeo.com/hotairballoonrides/reviews?rows=4&columns=2
https://www-14p.bookeo.com/bookeo/reviews_list.html?aguid=213XU9CUK13C255A3AA9&ctlsrc2=U1BuESfaVEPdSoUtTtzWdc0ZRwA1aiiF2Vq%2F4Tcr5GU%3D&src=03v&rows=4&columns=2

0
0

599ms
109ms

Document
text/html

172.96.166.74
DEDICATED

General

Check archive.org

Show headers Download Go to

Full URL

https://www-14p.bookeo.com/bookeo/reviews_list.html?aguid=213XU9CUK13C255A3AA9&ctlsrc2=U1BuESfaVEPdSoUtTtzWdc0ZRwA1aiiF2Vq%2F4Tcr5GU%3D&src=03v&rows=4&columns=2

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.96.166.74 New York, United States, ASN63018 (DEDICATED, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Language: en-US
Content-Length: 1784
Content-Type: text/html;charset=utf-8
Date: Fri, 29 Nov 2024 17:37:50 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding, User-Agent
X-Bookeo-ResponseId: 14p_19379001b0a

Redirect headers

content-length: 0
date: Fri, 29 Nov 2024 17:37:49 GMT
location: https://www-14p.bookeo.com/bookeo/reviews_list.html?aguid=213XU9CUK13C255A3AA9&ctlsrc2=U1BuESfaVEPdSoUtTtzWdc0ZRwA1aiiF2Vq%2F4Tcr5GU%3D&src=03v&rows=4&columns=2
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN

GET
H/1.1 206
Partial Content gentle-breeze-main-banner.mp4
www.hotairballoonrides.com/wp-content/uploads/ 33 KB
0 48ms
36ms Media
video/mp4 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/uploads/gentle-breeze-main-banner.mp4

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://www.hotairballoonrides.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Content-Range: bytes 0-5383233/5383234
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 5383234
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Thu, 11 Apr 2019 14:00:49 GMT
Content-Type: video/mp4
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H2 200 pNUD_atNylE
www.youtube.com/embed/ Frame 3E50 0
0 279ms
111ms Document
text/html 2607:f8b0:4004:c21::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/pNUD_atNylE

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce--7dpWUb_3nxPA5kVV0gcuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Nov 2024 17:37:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 embed
www.google.com/maps/ Frame AFC7 0
0 365ms
214ms Document
text/html 2607:f8b0:4004:c1d::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3080.6407515757655!2d-84.25592068463311!3d39.454851079488506!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x8840ed875b35d3bb%3A0x45b0fde7717499e5!2sGentle+Breeze+Hot+Air+Balloon+Company%2C+Ltd!5e0!3m2!1sen!2sus!4v1548360886246

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::68 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-dcGsMCbu43ipejNGRJ_ybw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1368
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-dcGsMCbu43ipejNGRJ_ybw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Fri, 29 Nov 2024 17:37:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
vary: Accept-Language Origin X-Origin Referer
x-content-type-options: nosniff
x-robots-tag: noindex,nofollow
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
94 KB 104ms
68ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W5HB8LZT0X&l=dataLayer&cx=c&gtm=457e4bk0za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139882029-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29f260e54f6efec3169934d2bc930a7d66cfd5b10fc51a78ff802f25c7e7c508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 29 Nov 2024 17:37:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 17:37:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96350
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 211ms
31ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139882029-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 3848
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 18:33:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 16:33:41 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 537ms
36ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CBubblegum+Sans%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=5bddee8f17e17188e715f5499f7110ea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hotairballoonrides.com
Referer: https://fonts.googleapis.com/

Response headers

age: 97603
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 14:31:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 14:31:07 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK icons.woff2
www.hotairballoonrides.com/wp-content/themes/betheme/fonts/mfn/ 70 KB
71 KB 52ms
30ms Font
font/woff2 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/themes/betheme/fonts/mfn/icons.woff2?11083851

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/wp-content/themes/betheme/css/be.css?ver=27.5.13

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

c0fa90ca6e7303bfcf6bfa7d412e8fc370c8c9b5188a6700a902be3ecc9e9456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hotairballoonrides.com
Referer: https://www.hotairballoonrides.com/wp-content/themes/betheme/css/be.css?ver=27.5.13

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 72136
Keep-Alive: timeout=5, max=97
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 18 Nov 2024 08:44:10 GMT
Content-Type: font/woff2
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 526ms
27ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hotairballoonrides.com
Referer: https://fonts.googleapis.com/

Response headers

age: 80330
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 19:19:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 19:19:00 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H2 200 AYCSpXb_Z9EORv1M5QTjEzMEteaAxII.woff2
fonts.gstatic.com/s/bubblegumsans/v20/ 14 KB
14 KB 550ms
51ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bubblegumsans/v20/AYCSpXb_Z9EORv1M5QTjEzMEteaAxII.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca11383cb73d2671c7166791fd07377e60c9af74ff28e66cf1fbd1d1dc43455f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hotairballoonrides.com
Referer: https://fonts.googleapis.com/

Response headers

age: 97402
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 14:34:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 14:34:28 GMT
last-modified: Thu, 24 Aug 2023 20:48:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14188
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK fa-solid-900.woff2
www.hotairballoonrides.com/wp-content/themes/betheme/fonts/fontawesome/ 78 KB
79 KB 110ms
33ms Font
font/woff2 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/themes/betheme/fonts/fontawesome/fa-solid-900.woff2

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=27.5.13

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hotairballoonrides.com
Referer: https://www.hotairballoonrides.com/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=27.5.13

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 80300
Keep-Alive: timeout=5, max=95
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 18 Nov 2024 08:44:10 GMT
Content-Type: font/woff2
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK fa-brands-400.woff2
www.hotairballoonrides.com/wp-content/themes/betheme/fonts/fontawesome/ 77 KB
77 KB 163ms
30ms Font
font/woff2 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/themes/betheme/fonts/fontawesome/fa-brands-400.woff2

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=27.5.13

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hotairballoonrides.com
Referer: https://www.hotairballoonrides.com/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=27.5.13

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 78460
Keep-Alive: timeout=5, max=94
Date: Fri, 29 Nov 2024 17:37:49 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 18 Nov 2024 08:44:10 GMT
Content-Type: font/woff2
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v32/ 20 KB
20 KB 535ms
37ms Font
font/woff2 2607:f8b0:4004:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hotairballoonrides.com
Referer: https://fonts.googleapis.com/

Response headers

age: 71107
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 21:52:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 21:52:43 GMT
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20144
x-xss-protection: 0
server: sffe

GET
H2 200 sm.25.html
static.addtoany.com/menu/ Frame 65D7 0
0 543ms
78ms Document
text/html 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 2092
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 8ea45e302df417ad-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 29 Nov 2024 17:37:50 GMT
last-modified: Fri, 29 Nov 2024 17:02:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DQa9jQBEavxAnccS%2Br4UtnGZGmNTAw7nBuowS%2BOvh%2FfCKeeWvmKioBAk9sZ4S53%2FE2Pp8CSA8kpa%2B3eUOaCQTBZVAOi4b%2Bjh0rrOUtx85dV%2B9g2hEO%2BgS0y%2F5UzDrKgUrhsiT%2BHM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 core.junnp81e.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 501ms
54ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.junnp81e.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0570581bf787cbb4a26d1508cf4ed96ef19d1a2465df5b9d5c4003813a2ebd35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hotairballoonrides.com
Referer

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"e6e4834d2c3691bbe81e6cdbd5ea9b75"
age: 7156
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YQwyOR6eq18qk8eAS%2F1uq4Qx0wU5F1nEGG5Gr8LP%2FBqbPeCf6vhsOIBM7Si75lNMrA%2FeGXFfCKHr21K0s4npGBHO1L%2B8oz2v8ysZHGOgF4RBkCm7NkQ7c68UFgfI%2B9D%2FA7PJXBGh7k3YpNTZ5G515aIw"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Fri, 29 Nov 2024 17:37:50 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=315360000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ea45e2fb8735e66-EWR
access-control-allow-origin: *
server: cloudflare

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
428 B 69ms
53ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1052112593&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hotairballoonrides.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Gentle%20Breeze%20Hot%20Air%20Balloon%20Rides%20-%20Gentle%20Breeze%20Hot%20Air%20Ballooon%20Rides&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1682464236&gjid=521180044&cid=2114061605.1732901870&tid=UA-139882029-1&_gid=671418592.1732901870&_r=1&gtm=457e4bk0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&jsscut=1&z=1462779217

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 17:37:49 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.hotairballoonrides.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 WidgetEmbed-selfserveprop Show response
www.tripadvisor.com/ 17 KB
5 KB 84ms
77ms Script
text/javascript 151.101.130.40
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tripadvisor.com/WidgetEmbed-selfserveprop?border=true&popIdx=true&iswide=false&locationId=4368334&display_version=2&uniq=327&rating=true&lang=en_US&nreviews=5&writereviewlink=true
Requested by: Host: www.jscache.com
URL: https://www.jscache.com/wejs?wtype=selfserveprop&uniq=327&locationId=4368334&lang=en_US&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: a8b38bc80d75437abb452a7e51221508eefc2b1eb89be356ef74a52725655bf2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: 35bba8bc-4bac-4002-b437-99672610e5d0
content-encoding: br
expires: 0
x-cache: MISS
date: Fri, 29 Nov 2024 17:37:49 GMT
content-type: text/javascript;charset=UTF-8
x-served-by: cache-ewr-kewr1740020-EWR
x-cache-hits: 0
vary: User-Agent,Accept-Encoding
cache-control: no-cache,no-store,must-revalidate
timing-allow-origin: https://www.tripadvisor.com
pragma: no-cache
x-timer: S1732901870.677709,VS0,VE48
via: 1.1 varnish
accept-ranges: bytes
server: envoy

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 82ms
54ms Fetch
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W5HB8LZT0X&gtm=45je4bk0v9110516866za200&_p=1732901868864&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=2114061605.1732901870&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1732901869&sct=1&seg=0&dl=https%3A%2F%2Fwww.hotairballoonrides.com%2F&dt=Welcome%20to%20Gentle%20Breeze%20Hot%20Air%20Balloon%20Rides%20-%20Gentle%20Breeze%20Hot%20Air%20Ballooon%20Rides&en=page_view&_fv=1&_ss=1&tfd=2341
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W5HB8LZT0X&l=dataLayer&cx=c&gtm=457e4bk0za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.hotairballoonrides.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 17:37:49 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 t4b_widget_self_serve_property-v24221562771a.css
static.tacdn.com/css2/build/concat/ 34 KB
6 KB 79ms
28ms Stylesheet
text/css 151.101.2.83
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tacdn.com/css2/build/concat/t4b_widget_self_serve_property-v24221562771a.css
Requested by: Host: www.tripadvisor.com
URL: https://www.tripadvisor.com/WidgetEmbed-selfserveprop?border=true&popIdx=true&iswide=false&locationId=4368334&display_version=2&uniq=327&rating=true&lang=en_US&nreviews=5&writereviewlink=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.83 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 19854b5cccafb0f438f0d86301061bf0f3b6f84861e4fcfdd2e451b7c432d52d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: e817b8a5-2f0f-4722-aafd-a977d4ecc35b
content-encoding: br
age: 1851648
expires: Fri, 31 Oct 2025 01:29:40 GMT
x-cache: HIT
date: Fri, 29 Nov 2024 17:37:49 GMT
last-modified: Tue, 29 Oct 2024 10:40:58 GMT
content-type: text/css
x-cache-hits: 728
x-served-by: cache-ewr-kewr1740070-EWR
vary: Accept-Encoding
cache-control: max-age=31536000, immutable
timing-allow-origin: *
x-timer: S1732901870.886372,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6061
server: envoy

GET
H2 200 cdswidgets_m-c-v22480917520a.js Show response
static.tacdn.com/js3/build/concat/widget/ 15 KB
5 KB 83ms
32ms Script
application/x-javascript 151.101.2.83
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tacdn.com/js3/build/concat/widget/cdswidgets_m-c-v22480917520a.js
Requested by: Host: www.tripadvisor.com
URL: https://www.tripadvisor.com/WidgetEmbed-selfserveprop?border=true&popIdx=true&iswide=false&locationId=4368334&display_version=2&uniq=327&rating=true&lang=en_US&nreviews=5&writereviewlink=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.83 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e94e0140ad5ee0dd772ad05d9ba5cc4cf3e2a1f5d420ea5cb783edbdbdda9f10

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: 15124914-32e8-4c9b-88e3-63f731bd46af
content-encoding: br
age: 1509017
expires: Sat, 08 Nov 2025 06:30:37 GMT
x-cache: HIT
date: Fri, 29 Nov 2024 17:37:49 GMT
last-modified: Sat, 02 Nov 2024 10:35:29 GMT
content-type: application/x-javascript
x-cache-hits: 4198
x-served-by: cache-ewr-kewr1740070-EWR
vary: Accept-Encoding
cache-control: max-age=31536000, immutable
timing-allow-origin: *
x-timer: S1732901870.894497,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4452
server: envoy

GET
H/1.1 206
Partial Content gentle-breeze-main-banner.mp4
www.hotairballoonrides.com/wp-content/uploads/ 41 KB
42 KB 82ms
57ms Media
video/mp4 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/uploads/gentle-breeze-main-banner.mp4

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

df8c839db8d50c7409997e02433d0056a82b712f3230f410d4e894a37808c1a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://www.hotairballoonrides.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=5341184-

Response headers

Strict-Transport-Security: max-age=31536000
Content-Range: bytes 5341184-5383233/5383234
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Accept-Ranges: bytes
Content-Length: 42050
Date: Fri, 29 Nov 2024 17:37:50 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Thu, 11 Apr 2019 14:00:49 GMT
Content-Type: video/mp4
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.hotairballoonrides.com/wp-includes/js/ 18 KB
19 KB 47ms
39ms Script
text/javascript 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-includes/js/wp-emoji-release.min.js?ver=5bddee8f17e17188e715f5499f7110ea

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 18726
Keep-Alive: timeout=5, max=95
Date: Fri, 29 Nov 2024 17:37:50 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Wed, 03 Apr 2024 19:02:52 GMT
Content-Type: text/javascript
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H2 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 429 B
592 B 57ms
50ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.junnp81e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hotairballoonrides.com
Referer: https://static.addtoany.com/menu/modules/core.junnp81e.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"68925fa8e347041c6006837e73c518bc"
age: 7156
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Nv9bcKUherl1bkQaRIni8S3I6ioPGRACVfQrkuqmnlHJct3wj8f3tmvKbx0GM7OTGCnu1rxi3jJoj8Kf%2FESDk5QngBcWKZM7jyPX%2Fvii1wzyFcERBHdVLTudZSiQI7ErC47NZSQGS7Ki9BwJK%2Fr%2BrDP"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Fri, 29 Nov 2024 17:37:50 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=7776000, stale-while-revalidate=30, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ea45e3099cd5e66-EWR
access-control-allow-origin: *
server: cloudflare

GET
H2 200 twitter.js Show response
static.addtoany.com/menu/svg/icons/ 645 B
720 B 52ms
46ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/twitter.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.junnp81e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hotairballoonrides.com
Referer: https://static.addtoany.com/menu/modules/core.junnp81e.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
age: 7156
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SDPQ9hJEX2BbvJlS8b5FIh6mr41LQ27MwgbxveHhyTzuMkD2s8vzDGmozqcLjypgoAk89hSA4qsPgZj6JE%2BTnoWHwkrCa3TSTZhQNEvWWY7CgRJfi%2BteMYvVGSWiTiE5NMsbLisHyTMbdD2ApMLQ4FtU"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Fri, 29 Nov 2024 17:37:50 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=7776000, stale-while-revalidate=30, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ea45e3099cf5e66-EWR
access-control-allow-origin: *
server: cloudflare

GET
H2 200 pinterest.js Show response
static.addtoany.com/menu/svg/icons/ 892 B
800 B 57ms
51ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/pinterest.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.junnp81e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af131f38af73817b1fbcd3381d88c95f4123b4b5a58ca4bd0872a68f29cbbf2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hotairballoonrides.com
Referer: https://static.addtoany.com/menu/modules/core.junnp81e.js

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"b83511f1e536e2440b4e06f3278d8a84"
age: 7156
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rW7f%2BeVyz4vXyLYG8Sqh5HkRz8Ba%2Fka0WTgr7sXEB80dXCTxCDQEi2quS15wVZQFIr6WMmfWDn0xePtOJ1c1rlHpYeeLDtASbtUcoIc7xLEP7f3pnwtgUvK6JS5HRdI1InY7ed%2Bwqp50JBnAU49GWvdF"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Fri, 29 Nov 2024 17:37:50 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=7776000, stale-while-revalidate=30, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ea45e3099d15e66-EWR
access-control-allow-origin: *
server: cloudflare

GET
H2 200 a2a.js Show response
static.addtoany.com/menu/svg/icons/ 182 B
444 B 99ms
94ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/a2a.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.junnp81e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hotairballoonrides.com
Referer: https://static.addtoany.com/menu/modules/core.junnp81e.js

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"0aca4ea1e5f8f250126a8e0c597dd969"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2P0ChNyn2mYrL0rO1ihv6l8vicPlGVqBG4QC6BrXdKJJ7FgPc9kpzLQZMD4dtyO6u1rZM1Yd9VMkMa4WYKfITw9Rw82y5pGlIt7awfYMVdXvQz%2BR2htw87fJZJAE5nblCXmF1jBYs40JjNpvy8mlCyme"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Fri, 29 Nov 2024 17:37:50 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=7776000, stale-while-revalidate=30, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ea45e3099d25e66-EWR
access-control-allow-origin: *
server: cloudflare

GET
H/1.1 206
Partial Content gentle-breeze-main-banner.mp4
www.hotairballoonrides.com/wp-content/uploads/ 4 MB
0 5ms
4ms Media
video/mp4 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/uploads/gentle-breeze-main-banner.mp4

Requested by

Host: www.hotairballoonrides.com
URL: https://www.hotairballoonrides.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://www.hotairballoonrides.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=32768-

Response headers

Content-Range: bytes 32768-5383233/5383234
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Accept-Ranges: bytes
Content-Length: 5350466
Date: Fri, 29 Nov 2024 17:37:50 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Thu, 11 Apr 2019 14:00:49 GMT
Content-Type: video/mp4
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H2 200 Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg
www.tripadvisor.com/img/cdsi/img2/branding/v2/ 5 KB
3 KB 52ms
48ms Image
image/svg+xml 151.101.130.40
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tripadvisor.com/img/cdsi/img2/branding/v2/Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: b148a123dd65aa6603102281e5203539c1e3ad6514e035a9fd4096e5779017d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: 5deca42a-eddc-42f9-ade0-2eccbaa282c7
cache-control: private, max-age=43200
timing-allow-origin: https://www.tripadvisor.com
content-encoding: br
x-timer: S1732901871.066779,VS0,VE16
via: 1.1 varnish
expires: Sat, 30 Nov 2024 05:37:51 GMT
accept-ranges: bytes
x-cache: MISS
date: Fri, 29 Nov 2024 17:37:51 GMT
content-type: image/svg+xml
x-served-by: cache-ewr-kewr1740020-EWR
server: envoy
x-cache-hits: 0
vary: Accept-Encoding

GET
H2 200 TripAdvisor_Regular.woff2
static.tacdn.com/css2/webfonts/TripAdvisor/ 26 KB
26 KB 158ms
25ms Font
application/font-woff2 151.101.66.83
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tacdn.com/css2/webfonts/TripAdvisor/TripAdvisor_Regular.woff2?v004.023
Requested by: Host: static.tacdn.com
URL: https://static.tacdn.com/css2/build/concat/t4b_widget_self_serve_property-v24221562771a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.83 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: b182c7fce760e8851d7e91095237ff86a4f7036c78ddf4107ead869ff2f3502a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.hotairballoonrides.com
Referer: https://static.tacdn.com/css2/build/concat/t4b_widget_self_serve_property-v24221562771a.css

Response headers

x-request-id: 308ca878-3ad8-4242-9142-7fc0709603f1
age: 805955
expires: Fri, 20 Dec 2024 09:45:16 GMT
x-cache: HIT
date: Fri, 29 Nov 2024 17:37:51 GMT
last-modified: Sun, 17 Nov 2024 11:36:14 GMT
content-type: application/font-woff2
x-cache-hits: 5187
x-served-by: cache-ewr-kewr1740024-EWR
vary: Accept-Encoding
cache-control: max-age=2592000, immutable
timing-allow-origin: *
x-timer: S1732901871.223556,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26252
server: envoy

GET
H/1.1 200
OK favicon-1.ico
www.hotairballoonrides.com/wp-content/uploads/ 5 KB
6 KB 36ms
30ms Other
image/x-icon 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/uploads/favicon-1.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

e645b104da8f87751b16f0941a22b4206c8847c1bb83bbad7ebb06aa18574c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.hotairballoonrides.com/

Response headers

Strict-Transport-Security: max-age=31536000
Connection: Keep-Alive
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 5430
Keep-Alive: timeout=5, max=92
Date: Fri, 29 Nov 2024 17:37:51 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Thu, 11 Apr 2019 14:01:07 GMT
Content-Type: image/x-icon
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 206
Partial Content gentle-breeze-main-banner.mp4
www.hotairballoonrides.com/wp-content/uploads/ 1 MB
0 0ms
0ms Media
video/mp4 199.250.222.174
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hotairballoonrides.com/wp-content/uploads/gentle-breeze-main-banner.mp4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

199.250.222.174 , United States, ASN54641 (IMH-IAD, US),

Reverse DNS

ded2609.inmotionhosting.com

Software

Apache /

Resource Hash

50b05ff95a86e39aac83140d81d43e569471d46ff85e9f4bc647c357197986d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://www.hotairballoonrides.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=3833920-

Response headers

Content-Range: bytes 3833920-5383233/5383234
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Accept-Ranges: bytes
Content-Length: 1549314
Date: Fri, 29 Nov 2024 17:37:50 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Thu, 11 Apr 2019 14:00:49 GMT
Content-Type: video/mp4
Server: Apache
X-Frame-Options: SAMEORIGIN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.hotairballoonrides.com
URL: blob:https://www.hotairballoonrides.com/a24934f5-24af-418a-aeec-29330308d7d2

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: BduuwnVD_YI
.youtube.com/	1970-01-21 05:40:53	Name: VISITOR_INFO1_LIVE Value: m2UZi2AmdfE
.youtube.com/	1970-01-21 05:40:53	Name: VISITOR_PRIVACY_METADATA Value: CgJVUxIEGgAgUQ%3D%3D
.hotairballoonrides.com/	1970-01-21 01:23:08	Name: _gid Value: GA1.2.671418592.1732901870
.hotairballoonrides.com/	1970-01-21 01:21:41	Name: _gat_gtag_UA_139882029_1 Value: 1
.hotairballoonrides.com/	1970-01-21 10:57:41	Name: _ga_W5HB8LZT0X Value: GS1.1.1732901869.1.0.1732901869.0.0.0
.hotairballoonrides.com/	1970-01-21 10:57:41	Name: _ga Value: GA1.1.2114061605.1732901870
www-14p.bookeo.com/	1969-12-31 23:59:59	Name: AXIOMID Value: f43281e0n4sm1nly9irwetw57139657

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000 max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bookeo.com
fonts.googleapis.com
fonts.gstatic.com
hotairballonrides.com
static.addtoany.com
static.tacdn.com
www-14p.bookeo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.hotairballoonrides.com
www.jscache.com
www.tripadvisor.com
www.youtube.com
www.hotairballoonrides.com
108.181.19.107
15.197.225.128
151.101.130.40
151.101.2.83
151.101.66.83
172.96.166.74
199.250.222.174
2001:4860:4802:36::178
2606:4700:10::6816:47c5
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c17::61
2607:f8b0:4004:c1d::5e
2607:f8b0:4004:c1d::68
2607:f8b0:4004:c21::5d
0170ac187ee3fb6bd4f2b84c6e49a54cab9700d7773e2e1423dc01b4fc562f95
0570581bf787cbb4a26d1508cf4ed96ef19d1a2465df5b9d5c4003813a2ebd35
10f8e5f272c9ae8c8271ab51d7310aaf9c9bed694104dbe6ff10d99849d19ab8
1124c550a8d975b2ddcbb39dc2f7ac42b112082124fa117813a16fa30a87a792
158b193366018e086e1f3ca1faf6d1972fe9c23d83884713750c287b3ebff928
19854b5cccafb0f438f0d86301061bf0f3b6f84861e4fcfdd2e451b7c432d52d
2471f4232ccca845a9da8b10e5be81e7323faa5891b9715f425661505f183434
249910f1f5ed4ca50e6c12b06088cf4b73d2eac5735889cd1e478a6b7a8ceb65
285f3976bba66e59ee3acf9b5efed9d33f5f2f4a5b91cf55512f8c78f6b4a95e
29f260e54f6efec3169934d2bc930a7d66cfd5b10fc51a78ff802f25c7e7c508
3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636
30a724fd160abc261b47634b475945b5d1979ab40c9e7093d4af0dd287b77c26
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43
46b72bb79ade4d97302ba48a4ddc457f85a830381bd38a95156bd5a52533324b
4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
50b05ff95a86e39aac83140d81d43e569471d46ff85e9f4bc647c357197986d2
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5560c17a29221d5c73ce1a8381a5d779db582135db50fbb9da5601fa49cf390f
5fa8f975dc6cf87993574de6ae458728386f92f66880726956accedd736173d4
622a07604bb0030ba7094f0f1dcb5d1e9080164fd6ba4071a73452802378b55b
685048a4acb6f77e870b8c054d08d458856320e35714d775dea489c0f29d36ad
690aab4743662ad84513d24193d23fab79279bba2996a1e4f3933d5ebe17c404
6a8f55d140604ca7fed7724ee5d45c06d445673636211543d30959c317a98a4b
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e6c69ba30da65996fe5cfd06a9248ad71966d7f05781b646d87358a7e202511
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
7c5a0e187e68ccbf13dafd079e2c46c7917cc60b6959e5a881da324958f34d92
7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322
82705acbecdd84306ce33e08f576eca6a688896895e6e48d1c36a4071fcba14e
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8ecf312a51fd23a6d2258191745ab900d7f393a4633515e0df6305cde42b1a3a
958c6f5ef24a1c60d3ad150a3839661b99ee2e5b5697fa5a7fa482df81e63aa8
a1ac109fb0da76a03eb39daecb548806675cda9793ad6bce4621c651746de08f
a6760631fecfe59ed152aeb2c51fdcb515ac00cd4755449016b5b34813735d00
a6bc1637dff5f1b09f1936a4d9567fea63c73e24bc2a73943cbac0e016dbace2
a8b38bc80d75437abb452a7e51221508eefc2b1eb89be356ef74a52725655bf2
aeae8ba7d9c8ee997a8ddb5f5ec82381ed7851b750e4d1f466a1f19fad7a8462
af131f38af73817b1fbcd3381d88c95f4123b4b5a58ca4bd0872a68f29cbbf2d
b148a123dd65aa6603102281e5203539c1e3ad6514e035a9fd4096e5779017d3
b182c7fce760e8851d7e91095237ff86a4f7036c78ddf4107ead869ff2f3502a
c0fa90ca6e7303bfcf6bfa7d412e8fc370c8c9b5188a6700a902be3ecc9e9456
c24a7908e8bccfb36947de91ab342f33f1c966b31f50ed1fb83d9d8b3d579a1f
ca11383cb73d2671c7166791fd07377e60c9af74ff28e66cf1fbd1d1dc43455f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d5c9ad7e71b368a2378dc92bdb901abe6ba530c78a2c9a8414000599e4536a55
d8c9ece213e8e2c9802ede1c303b133bdece7af8aea682d44d2887966366a9bc
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df8c839db8d50c7409997e02433d0056a82b712f3230f410d4e894a37808c1a1
e31562bbd4b9f377eec9662b440b0c1262ff73f7e85c3a6e3639635e4516013f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e645b104da8f87751b16f0941a22b4206c8847c1bb83bbad7ebb06aa18574c16
e676146b17d887b78bab90f2f65858958bef9f0b25aa2b89a95d300a4c072748
e94e0140ad5ee0dd772ad05d9ba5cc4cf3e2a1f5d420ea5cb783edbdbdda9f10
eddbcbc672aeb7244efe5fae67ab6eddfa9ff135809dd9efb3457e6cf52afc0e

www.hotairballoonrides.com Open in urlscan Pro 199.250.222.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

97 %HTTPS

50 %IPv6

13 Domains

14 Subdomains

13 IPs

1 Countries

2501 kBTransfer

8219 kBSize

8 Cookies

23 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hotairballoonrides.com Open in urlscan Pro
199.250.222.174 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

97 %
HTTPS

50 %
IPv6

13
Domains

14
Subdomains

13
IPs

1
Countries

2501 kB
Transfer

8219 kB
Size

8
Cookies

66 HTTP transactions
0 data transactions