URL: https://hotflashesandboardingpasses.com/
Submission: On October 24 via automatic, source rescanner — Scanned from DE

Summary

This website contacted 9 IPs in 1 country across 6 domains to perform 23 HTTP transactions. The main IP is 35.225.43.51, located in the United States, and belongs to GOOGLE, US. The main domain is hotflashesandboardingpasses.com.
TLS certificate: Issued by R3 on October 16th 2021. Valid for: 3 months.
This is the only time hotflashesandboardingpasses.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35.225.43.51 15169 (GOOGLE)
2 142.250.184.234 15169 (GOOGLE)
1 104.16.19.94 13335 (CLOUDFLAR...)
1 142.250.185.170 15169 (GOOGLE)
3 18.66.112.106 16509 (AMAZON-02)
1 104.18.3.159 13335 (CLOUDFLAR...)
2 104.18.2.159 13335 (CLOUDFLAR...)
4 172.217.16.131 15169 (GOOGLE)
8 52.222.236.37 16509 (AMAZON-02)
23 9
Domain Requested by
8 static.showit.co hotflashesandboardingpasses.com
4 fonts.gstatic.com fonts.googleapis.com
3 lib.showit.co hotflashesandboardingpasses.com
2 static.mailerlite.com hotflashesandboardingpasses.com, static.mailerlite.com
2 fonts.googleapis.com hotflashesandboardingpasses.com
1 track.mailerlite.com hotflashesandboardingpasses.com
1 ajax.googleapis.com hotflashesandboardingpasses.com
1 cdnjs.cloudflare.com hotflashesandboardingpasses.com
1 hotflashesandboardingpasses.com
23 9

This site contains links to these domains:

Domain
www.pinterest.com
www.instagram.com
aimeedanielson.com

Subject                          Issuer                   Validity                 Valid
hotflashesandboardingpasses.com  R3                       2021-10-16 - 2022-01-14  3 months
upload.video.google.com          GTS CA 1C3               2021-10-04 - 2021-12-27  3 months
sni.cloudflaressl.com            Cloudflare Inc ECC CA-3  2021-09-21 - 2022-09-20  a year
*.showit.co                      Amazon                   2021-02-08 - 2022-03-08  a year
mailerlite.com                   Cloudflare Inc ECC CA-3  2021-07-30 - 2022-07-29  a year
*.gstatic.com                    GTS CA 1C3               2021-10-04 - 2021-12-27  3 months

This page contains 1 frame:

Primary Page: https://hotflashesandboardingpasses.com/
Frame ID: 051C843AFAE04BCCCE97003F8890ED1C
Requests: 23 HTTP requests in this frame

Page Title

Hot Flashes and Boarding Passes by Stacey Birch

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 23
HTTPS: 100 %
IPv6: 0 %
Domains: 6
Subdomains: 9
IPs: 9
Countries: 1
Transfer: 4780 kB
Size: 5137 kB
Cookies: 0

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hotflashesandboardingpasses.com/
109 KB
16 KB
Document
General
Full URL
https://hotflashesandboardingpasses.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.225.43.51 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.43.225.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
c1eb05ea67904173f6c3cc389a545fff2aa68350947fde901cffa0302139fac6

Request headers

:method
GET
:authority
hotflashesandboardingpasses.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

server
nginx
date
Sun, 24 Oct 2021 03:12:51 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link
<https://hotflashesandboardingpasses.com/wp-json/>; rel="https://api.w.org/"
x-powered-by
WP Engine
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 2
x-cache-group
normal
content-encoding
br
css
fonts.googleapis.com/
4 KB
700 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:regular|Rufina:regular|Montserrat:300
Requested by
Host: hotflashesandboardingpasses.com
URL: https://hotflashesandboardingpasses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
bd8d66598d914eadc62fa7d80a1301a1ed844addcfb566e1e0b625da775b3d35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hotflashesandboardingpasses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 03:12:51 GMT
server
ESF
date
Sun, 24 Oct 2021 03:12:51 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sun, 24 Oct 2021 03:12:51 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.4.0/
54 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.4.0/animate.min.css
Requested by
Host: hotflashesandboardingpasses.com
URL: https://hotflashesandboardingpasses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hotflashesandboardingpasses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 03:12:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2698146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3203
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-d8e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wM0ujVoyYU3ivrnwV8U1PvPlGBK8TrOCqTKyKH6ZQB8UqZh2L3VxtxQOsRwgahTLN%2BoCwuqSCEp3EAIJ5x7fO%2BAUVkU%2FkyF91XcNvgjP%2B68K0m5UvjqRZUeDW9lhRU%2F1QEJQbmK7"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a3006a48ea04107-PRG
expires
Fri, 14 Oct 2022 03:12:51 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: hotflashesandboardingpasses.com
URL: https://hotflashesandboardingpasses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hotflashesandboardingpasses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 19:27:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sun, 23 Oct 2022 19:27:23 GMT
showit-lib.min.js
lib.showit.co/engine/1.3.4/
111 KB
37 KB
Script
General
Full URL
https://lib.showit.co/engine/1.3.4/showit-lib.min.js
Requested by
Host: hotflashesandboardingpasses.com
URL: https://hotflashesandboardingpasses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f913140888accf37d5d04a7b2c497e9c0b148c8a2f53128c8499d8c11657b6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hotflashesandboardingpasses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 18:40:28 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 17:23:27 GMT
server
AmazonS3
age
549144
etag
W/"f9a3a295b8c142a39ab6485b50ab86bd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
xnF2up4Zi-lb8zTFmp75Ja3Muf0tMFSgaFRkKBIUmyyCrwr6aEy3-g==
showit.min.js
lib.showit.co/engine/1.3.4/
35 KB
11 KB
Script
General
Full URL
https://lib.showit.co/engine/1.3.4/showit.min.js
Requested by
Host: hotflashesandboardingpasses.com
URL: https://hotflashesandboardingpasses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c5e053d015f0994af0b4203a2b7b6658f526ffd4d9df2ab08e915f59c32990be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hotflashesandboardingpasses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 18:16:06 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 17:23:28 GMT
server
AmazonS3
age
550606
etag
W/"6900ed90557e95e6ba3f4a380b48609f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
bJD2bGeyHAMm4cmEpUlClwMvsSMxXpnzjGctmRX1QZ5T4DGicDLdVg==
showit.css
lib.showit.co/engine/1.3.4/
7 KB
2 KB
Stylesheet
General
Full URL
https://lib.showit.co/engine/1.3.4/showit.css
Requested by
Host: hotflashesandboardingpasses.com
URL: https://hotflashesandboardingpasses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa309d67ec46fd54214cf31de15865c48b00032da5f71e16fca7d83aab75dcb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hotflashesandboardingpasses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 17:21:04 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 17:23:28 GMT
server
AmazonS3
age
550606
etag
W/"3002bb1fa888513df13eab6cafdeef11"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
WNV6gvSx3bFoqkXVXnmzrm_Ey23M011JHWzA4FRGoO5RQFZe117W7A==
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
Requested by
Host: hotflashesandboardingpasses.com
URL: https://hotflashesandboardingpasses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
dfadb08b09726d549c48ffce179e2c00371e78ec7cfa1ce6456e805b3fe3f32b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 01:17:28 GMT
server
ESF
date
Sun, 24 Oct 2021 03:12:51 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sun, 24 Oct 2021 03:12:51 GMT
u7o4q9
track.mailerlite.com/webforms/o/1980386/
43 B
259 B
Image
General
Full URL
https://track.mailerlite.com/webforms/o/1980386/u7o4q9?vee71a8848f3cc4af6b2730283dbdc659
Requested by
Host: hotflashesandboardingpasses.com
URL: https://hotflashesandboardingpasses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hotflashesandboardingpasses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 03:12:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a3006a508eb4119-PRG
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/gif
webforms.min.js
static.mailerlite.com/js/w/
8 KB
2 KB
Script
General
Full URL
https://static.mailerlite.com/js/w/webforms.min.js?vee71a8848f3cc4af6b2730283dbdc659
Requested by
Host: hotflashesandboardingpasses.com
URL: https://hotflashesandboardingpasses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02e2a7a2ade753679e8f8c4fd4eae75a99ccb4e87dfc3c91577db453812e9a8d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hotflashesandboardingpasses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
6a3006a50f9d27bc-PRG
date
Sun, 24 Oct 2021 03:12:52 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 21 Oct 2021 14:02:02 GMT
server
cloudflare
age
5746
etag
W/"617172da-209f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=432000
strict-transport-security
max-age=63072000
content-encoding
br
expires
Fri, 29 Oct 2021 03:12:52 GMT
Yq6V-LyURyLy-aKCpB5l.woff2
fonts.gstatic.com/s/rufina/v8/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rufina/v8/Yq6V-LyURyLy-aKCpB5l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:regular|Rufina:regular|Montserrat:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
1b5048c5f88cb6e01e104835c6501dce7f2eb90c681b6ca746403ea8b2b6f53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hotflashesandboardingpasses.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:49:11 GMT
x-content-type-options
nosniff
age
174221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12844
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 04:18:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 22 Oct 2022 02:49:11 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:regular|Rufina:regular|Montserrat:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hotflashesandboardingpasses.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 04:48:55 GMT
x-content-type-options
nosniff
age
253437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 04:48:55 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hotflashesandboardingpasses.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:26:14 GMT
x-content-type-options
nosniff
age
204398
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 18:26:14 GMT
ml_jQuery.inputmask.bundle.min.js
static.mailerlite.com/js/w/
69 KB
21 KB
Script
General
Full URL
https://static.mailerlite.com/js/w/ml_jQuery.inputmask.bundle.min.js?v3.3.1
Requested by
Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/w/webforms.min.js?vee71a8848f3cc4af6b2730283dbdc659
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c77ae965196f7308b827ce8cef39758740e9652e49958d866454ca1967e03dae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hotflashesandboardingpasses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
6a3006a53fb127bc-PRG
date
Sun, 24 Oct 2021 03:12:52 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 21 Oct 2021 14:02:04 GMT
server
cloudflare
age
785
etag
W/"617172dc-1153a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=432000
strict-transport-security
max-age=63072000
content-encoding
br
expires
Fri, 29 Oct 2021 03:12:52 GMT
JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:regular|Rufina:regular|Montserrat:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hotflashesandboardingpasses.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 12:00:45 GMT
x-content-type-options
nosniff
age
573127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19536
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:41 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 17 Oct 2022 12:00:45 GMT
dsc_8940_jpg.jpg
static.showit.co/1600/7SMURPd9TCOd-mNJDRlFyQ/106604/
852 KB
853 KB
Image
General
Full URL
https://static.showit.co/1600/7SMURPd9TCOd-mNJDRlFyQ/106604/dsc_8940_jpg.jpg
Requested by
Host: hotflashesandboardingpasses.com
URL: https://hotflashesandboardingpasses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-37.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
95f17adfc52cbd05a598b54b66de8bb40517adde18a317e374022919eec44371

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hotflashesandboardingpasses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 03:10:53 GMT
via
1.1 c9499008aa7e1acd11e9fbc171281d83.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jul 2021 23:43:08 GMT
server
nginx
age
119
etag
26f824300e054322b73dd0bacb692cfe
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
content-length
872636
x-amz-cf-id
hgIC4-WIOzB-NxRm1GlMDN04roP1ueMVK8Oibf0sU3rES8WTwfZGjw==
mg_0316.jpg
static.showit.co/400/ERGcK7xrTfCJBhHeP_AM0g/106604/
63 KB
64 KB
Image
General
Full URL
https://static.showit.co/400/ERGcK7xrTfCJBhHeP_AM0g/106604/mg_0316.jpg
Requested by
Host: hotflashesandboardingpasses.com
URL: https://hotflashesandboardingpasses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-37.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
5310bc2d4423f44ebfc2ca534e66e165a2017455ca40485539839cecd15baf25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hotflashesandboardingpasses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 03:10:53 GMT
via
1.1 c9499008aa7e1acd11e9fbc171281d83.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 22:46:15 GMT
server
nginx
age
119
etag
0ec767235948a9fd6b01094928894786
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
content-length
64629
x-amz-cf-id
_FDWzlNtrvEj-p7dBE1j4-8R-aSl-w7gzLdj7E6UpHr_WuKUxUKzJA==
mg_0135.jpg
static.showit.co/800/dcbCd9CgRoWzVJYv46wjCg/106604/
218 KB
219 KB
Image
General
Full URL
https://static.showit.co/800/dcbCd9CgRoWzVJYv46wjCg/106604/mg_0135.jpg
Requested by
Host: hotflashesandboardingpasses.com
URL: https://hotflashesandboardingpasses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-37.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ee8bd77cd76a585be4b7ca63f9148fba4e4084adeca9a36f470ca0d682eaedb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hotflashesandboardingpasses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 03:10:53 GMT
via
1.1 c9499008aa7e1acd11e9fbc171281d83.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:28:10 GMT
server
nginx
age
119
etag
3f1c6dd3fa1c53cbf84a5f72bf279ee3
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
content-length
223365
x-amz-cf-id
sQG4DMoyAdJ_nfGUWqSzqDrk8ZIv2XnnveFjRLDzUOi5L3ch27Im0g==
stacey_bathtub.jpg
static.showit.co/800/1lPJhUzYQjC0hDp23DW4wg/106604/
95 KB
95 KB
Image
General
Full URL
https://static.showit.co/800/1lPJhUzYQjC0hDp23DW4wg/106604/stacey_bathtub.jpg
Requested by
Host: hotflashesandboardingpasses.com
URL: https://hotflashesandboardingpasses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-37.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
1c142ffd0f98bbc785d8dfa88c50be3503dd3d5f2cab388f5e117190555ff423

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hotflashesandboardingpasses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 03:10:53 GMT
via
1.1 c9499008aa7e1acd11e9fbc171281d83.cloudfront.net (CloudFront)
last-modified
Mon, 13 Apr 2020 22:04:09 GMT
server
nginx
age
119
etag
6781e8d60187328bcbf8e6a871a56d8f
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
content-length
97169
x-amz-cf-id
jvTt1myNDnODAeNisH_KReN2CQiNgG4edJvjGcciqqh_2GRaFgwU3g==
outdoor_camping_article_magazine_page.png
static.showit.co/1200/Jr9GzVDtTCKrq6iS1TbZdQ/106604/
2 MB
2 MB
Image
General
Full URL
https://static.showit.co/1200/Jr9GzVDtTCKrq6iS1TbZdQ/106604/outdoor_camping_article_magazine_page.png
Requested by
Host: hotflashesandboardingpasses.com
URL: https://hotflashesandboardingpasses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-37.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
3cbd91d7ad5a10fd30117a3b0c8abe8c39b6d4ce1a9d233225fd760ab8eb23a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hotflashesandboardingpasses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 03:10:53 GMT
via
1.1 c9499008aa7e1acd11e9fbc171281d83.cloudfront.net (CloudFront)
last-modified
Mon, 12 Oct 2020 19:37:39 GMT
server
nginx
age
119
etag
157b556b803b0e14865f83e58d8f59a3
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
content-length
2435833
x-amz-cf-id
8QZiSG8WZaf_Ej3JHnRPqENo2Wk5vybq4UlTBlLsxOepPQSp9IonZw==
image_2.jpg
static.showit.co/1200/kh29edZGRkaHdMAJsLTGQg/106604/
519 KB
520 KB
Image
General
Full URL
https://static.showit.co/1200/kh29edZGRkaHdMAJsLTGQg/106604/image_2.jpg
Requested by
Host: hotflashesandboardingpasses.com
URL: https://hotflashesandboardingpasses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-37.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
96508846e032948b15ce9f45784acf9dd4b46696c2cca843011680245be911c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hotflashesandboardingpasses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 03:10:53 GMT
via
1.1 c9499008aa7e1acd11e9fbc171281d83.cloudfront.net (CloudFront)
last-modified
Tue, 13 Oct 2020 04:09:58 GMT
server
nginx
age
119
etag
5bec5d519e61b120bffacd452b9934e4
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
content-length
531938
x-amz-cf-id
dMKQRLIMTlHWTL1z0kkDXPhKs1DRNmHeuBZCs9-Z2xfQbL3hc-9Plg==
stacey_tub_2.jpg
static.showit.co/800/Xhv1GB3iRvaFGlgGIRd0bg/106604/
91 KB
91 KB
Image
General
Full URL
https://static.showit.co/800/Xhv1GB3iRvaFGlgGIRd0bg/106604/stacey_tub_2.jpg
Requested by
Host: hotflashesandboardingpasses.com
URL: https://hotflashesandboardingpasses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-37.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
b8542fde37dd37064bd7736021d85478bc2bf96a1bce3107e6573061c3181cfa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hotflashesandboardingpasses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 03:10:53 GMT
via
1.1 c9499008aa7e1acd11e9fbc171281d83.cloudfront.net (CloudFront)
last-modified
Mon, 13 Apr 2020 22:10:11 GMT
server
nginx
age
119
etag
6b2196cd2be624bf5e692f63d906a256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
content-length
92693
x-amz-cf-id
TIfXVKTkp5RmlHK6gCnXPP2M9TsAcTVzy88XZX-CxUB-jzzce55B7g==
mg_0143.jpg
static.showit.co/800/a4qSKZBFSTCV-iU2TvPWrQ/106604/
331 KB
331 KB
Image
General
Full URL
https://static.showit.co/800/a4qSKZBFSTCV-iU2TvPWrQ/106604/mg_0143.jpg
Requested by
Host: hotflashesandboardingpasses.com
URL: https://hotflashesandboardingpasses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-37.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
5dbe945a2df42fbcc6d5ab587fcb45b8b545fe0a68e8e5e95e93d43fa39795fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hotflashesandboardingpasses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 03:10:53 GMT
via
1.1 c9499008aa7e1acd11e9fbc171281d83.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 22:47:47 GMT
server
nginx
age
119
etag
9ec9a23e345fbabc5fdec0205ccf74b6
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
content-length
338661
x-amz-cf-id
hOT7ZguaAoeDIbRyMAKVoEgnuPLXQ5cYi7TnkqevVzrwU5eBSlKQTQ==

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
function| $
function| jQuery
function| webpackJsonp_name_
object| device
function| Waypoint
function| _
function| showit-lib
object| showit
function| initPage
function| ml_webform_success_1980386
function| ml_jQuery
object| S5
function| Inputmask

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
