booking.thehiddensun.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://booking.thehiddensun.com/
Effective URL:
https://booking.thehiddensun.com/
Submission: On November 21 via api (November 21st 2023, 9:09:32 pm UTC) from US — Scanned from NL

Summary HTTP 21 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 21 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is booking.thehiddensun.com.
TLS certificate: Issued by GTS CA 1P5 on September 24th 2023. Valid for: 3 months.

This is the only time booking.thehiddensun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
1	172.64.147.188 172.64.147.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.6.97 104.17.6.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.18.20.180 104.18.20.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.64.205.20 172.64.205.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
21	9

3 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

booking.thehiddensun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.groove.cm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

booking.thehiddensun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
matomo.groovetech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.147.188 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.6.97 (None, )

ASN13335 (CLOUDFLARENET, US)

tracking.groovesell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.20.180 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.grooveapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.205.20 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	grooveapps.com assets.grooveapps.com — Cisco Umbrella Rank: 574906	7 MB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1492 ka-f.fontawesome.com — Cisco Umbrella Rank: 2891	23 KB
4	thehiddensun.com 1 redirects booking.thehiddensun.com	27 KB
3	gstatic.com fonts.gstatic.com	43 KB
2	groovetech.io matomo.groovetech.io — Cisco Umbrella Rank: 606640	22 KB
2	groove.cm app.groove.cm — Cisco Umbrella Rank: 539910	78 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	277 KB
1	groovesell.com tracking.groovesell.com	526 B
21	8

	Domain	Requested by
4	assets.grooveapps.com	booking.thehiddensun.com
4	booking.thehiddensun.com	1 redirects booking.thehiddensun.com
3	fonts.gstatic.com	fonts.googleapis.com
3	ka-f.fontawesome.com	kit.fontawesome.com
2	matomo.groovetech.io	booking.thehiddensun.com matomo.groovetech.io
2	app.groove.cm	booking.thehiddensun.com
2	fonts.googleapis.com	booking.thehiddensun.com app.groove.cm
1	tracking.groovesell.com	booking.thehiddensun.com
1	kit.fontawesome.com	booking.thehiddensun.com
21	9

This site contains links to these domains. Also see Links.

Domain
buy.stripe.com
thehiddensun.com
www.youtube.com
gmail.com

Subject Issuer	Validity	Valid
thehiddensun.com GTS CA 1P5	`2023-09-24` - `2023-12-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
groove.cm Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-09`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-21` - `2024-04-20`	a year	crt.sh
grooveapps.com Cloudflare Inc ECC CA-3	`2023-10-07` - `2024-10-06`	a year	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2023-11-08` - `2024-02-06`	3 months	crt.sh
groovetech.io E1	`2023-10-15` - `2024-01-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://booking.thehiddensun.com/
Frame ID: 621823D1D7CE16CD6EB5886C71EEC10B
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Hidden Sun

Page URL History Show full URLs

http://booking.thehiddensun.com/ HTTP 301
https://booking.thehiddensun.com/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

9
IPs

3
Countries

7684 kB
Transfer

9628 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://buy.stripe.com/28oaFf6914LpeOs6ou
Title: BOOK NOW - USD125

Search URL Search Domain Scan URL

URL: http://thehiddensun.com/
Title: Read My Blog

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCcGgQr1c88KSe3Ih7QsoH3A?sub_confirmation=1
Title: Watch My Videos

Search URL Search Domain Scan URL

URL: https://gmail.com/
Title: thehiddensun.consult@gmail.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://booking.thehiddensun.com/ HTTP 301
https://booking.thehiddensun.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
booking.thehiddensun.com/
Redirect Chain

http://booking.thehiddensun.com/
https://booking.thehiddensun.com/

54 KB
14 KB

900ms
297ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.thehiddensun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c0a4883b53636b271986f965fcedd7b3c96ee3164d64fa6e21eb3ee7121ef5c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 829be9de8c4c0e70-AMS
content-encoding: br
content-type: text/html
date: Tue, 21 Nov 2023 21:09:25 GMT
last-modified: Wed, 01 Feb 2023 01:58:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzTebwZ7xu8JUTium578aLWU5btEOWZXNXpk03yBnIndgzi3z%2BDVz0%2FGdBpNEDdqysEC5dXNrKLMYq4uWeqlfHlsiKB74e8A5GNLrwfKyZorxnI1mPY%2Bc8OIH54kkIGvvyCUGslOkWEcxG4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 829be9da88209153-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 21 Nov 2023 21:09:24 GMT
Expires: Tue, 21 Nov 2023 22:09:24 GMT
Location: https://booking.thehiddensun.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1xIdZ4FdFBwX32RyAv4lw9U4loLxJa27iXvAuEqL8IgX5c6VE2gDwAMf105m38ni1YIWNS0yZIyYexAcZhEbDSAD5miiEhe6j2nuagrlUl61xVBvi3G5JCXiMY%2F3qtVyd2FK0jyzfDkbgo%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 745 KB
139 KB 376ms
28ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Requested by

Host: booking.thehiddensun.com
URL: https://booking.thehiddensun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

854089552effea393b7219cb3c4acaeaa0ee85a396e2e342313dac67fe47eb39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://booking.thehiddensun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 21:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 21:01:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 21:09:25 GMT

GET
H2 200 inpage_published.css
app.groove.cm/groovepages/css/ 462 KB
67 KB 395ms
32ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/css/inpage_published.css
Requested by: Host: booking.thehiddensun.com
URL: https://booking.thehiddensun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c34b30be3d196a455f134497a33073b653ec4a297bfb43d4b6f9720219b1d50a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://booking.thehiddensun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:09:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Nov 2023 02:30:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6231
etag: W/"65542d36-737a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iNdUuDrV1fd8Z1h49TaruWDZFT9luQ6QSS9O1%2FdIxc29KdQEBpJ2PZcl0i2l353oCSjvvQjTfrFDly8jLCtok4dLFu2Z6GC2dgPHhBMKwZR2oIOf5oNCZLdwtZ%2BAXd%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 829be9e2bac06575-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 e7647a48d4.js Show response
kit.fontawesome.com/ 11 KB
5 KB 477ms
135ms Script
text/javascript 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/e7647a48d4.js
Requested by: Host: booking.thehiddensun.com
URL: https://booking.thehiddensun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42bcdacb3c1840318a52edef9a364b9ddc80280455ad746020ccbcacfce43c3a

Request headers

Referer: https://booking.thehiddensun.com/
Origin: https://booking.thehiddensun.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:09:25 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 829be9e289010eac-AMS
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F5kRoX4HjXAKoRw3w0CD

GET
H2 200 index.css
booking.thehiddensun.com/ 205 KB
12 KB 526ms
525ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.thehiddensun.com/index.css?v=1.1675216691
Requested by: Host: booking.thehiddensun.com
URL: https://booking.thehiddensun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1245212aa1981391dd525eb7b4a51ea7e13d13623211bd42c8284a73ca343218

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://booking.thehiddensun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:09:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Feb 2023 01:58:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63d9c733-33390"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MeBZ8Z7LW4JwnOKNbLxjcAKWVHY8KCAgu7MzhLsIzs5zIui0PgIe9aKiGw5mZM1h0g0QpKJXhVRQES6C%2FuQcfpADdo5O4cnWLZGBJPIKUGg6duDAg0JurhUL4bt5iyUVBma%2BiU3%2B2H5xFss%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 829be9e0ef8d0e70-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 21 Nov 2023 22:09:25 GMT

GET
H2 200 60239
tracking.groovesell.com/salespage/tracking/ 43 B
526 B 849ms
485ms Image
image/gif 104.17.6.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.groovesell.com/salespage/tracking/60239
Requested by: Host: booking.thehiddensun.com
URL: https://booking.thehiddensun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.6.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33-56+ubuntu20.04.1+deb.sury.org+1
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://booking.thehiddensun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:09:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.1.33-56+ubuntu20.04.1+deb.sury.org+1
content-type: image/gif
cache-control: must-revalidate, no-cache, no-store, private
cf-ray: 829be9e32e3c3685-FRA
content-length: 43

GET
H2 200 1611076393_HIDDEN-SUN.png
assets.grooveapps.com/images/60071171d45ea9006f5ba74b/ 50 KB
50 KB 691ms
337ms Image
image/png 104.18.20.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/60071171d45ea9006f5ba74b/1611076393_HIDDEN-SUN.png?update=2
Requested by: Host: booking.thehiddensun.com
URL: https://booking.thehiddensun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.20.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33b4896eb1e9e551d2d19b6f51f54e89ad38d44bdd1a674d101c7426189c8411

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://booking.thehiddensun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:09:25 GMT
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPoXu3Mhb6QgmoS4bm4FPXidFUWzYWUMeif8q3hnkhRFmWiUpV5SM6NpmkdUehDREJORTIg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 51048
last-modified: Tue, 19 Jan 2021 17:23:57 GMT
server: cloudflare
etag: "1b8be28d316562c8c7fdb00b4f341020"
vary: Accept-Encoding
x-goog-generation: 1611077037837230
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=ZGN2Cg==, md5=G4vijTFlYsjH/bALTzQQIA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 51048
accept-ranges: bytes
cf-ray: 829be9e31ca15c98-FRA
expires: Wed, 22 Nov 2023 01:09:25 GMT

GET
H2 200 1611076368_SH5_4623edit%20copy.png
assets.grooveapps.com/images/60071171d45ea9006f5ba74b/ 5 MB
5 MB 407ms
405ms Image
image/png 104.18.20.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/60071171d45ea9006f5ba74b/1611076368_SH5_4623edit%20copy.png
Requested by: Host: booking.thehiddensun.com
URL: https://booking.thehiddensun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.20.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04c34861a8775a267d794d77018c726ad6777ae88fbee5468f5270b00239e82d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://booking.thehiddensun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:09:26 GMT
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPoFUbAgYdvVeC_fmJblDZ5QAA417jXbBrqwIto2aHu6Fabg7kakWCVC2iufA7Jhgf1aRmU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 5027972
last-modified: Tue, 19 Jan 2021 17:12:49 GMT
server: cloudflare
etag: "87c6619ba3a60839ec79fed0d4d6239f"
vary: Accept-Encoding
x-goog-generation: 1611076369099537
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=xZMuUQ==, md5=h8Zhm6OmCDnsef7Q1NYjnw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 5027972
accept-ranges: bytes
cf-ray: 829be9e39cfc5c98-FRA
expires: Wed, 22 Nov 2023 01:09:25 GMT

GET
H2 200 1611077181_HIDDEN-SUN-1%20copy.png
assets.grooveapps.com/images/60071171d45ea9006f5ba74b/ 878 KB
879 KB 384ms
382ms Image
image/png 104.18.20.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/60071171d45ea9006f5ba74b/1611077181_HIDDEN-SUN-1%20copy.png
Requested by: Host: booking.thehiddensun.com
URL: https://booking.thehiddensun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.20.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fbc7eca73eb2f825ab94bdae019484481f21f6ea06377ee3dd3165b9124ebb6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://booking.thehiddensun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:09:26 GMT
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPp2w_vR1Bc7gP8NjdAgpijVhgBSHdxm7pTU8ddNQgBOIFleNLAUDPNMhDdd27G_4uYVbJI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 899318
last-modified: Tue, 19 Jan 2021 17:26:21 GMT
server: cloudflare
etag: "dd5fbc168eb6ca889b42b630d9a91c79"
vary: Accept-Encoding
x-goog-generation: 1611077181762344
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=+ZK8Cg==, md5=3V+8Fo62yoibQrYw2akceQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 899318
accept-ranges: bytes
cf-ray: 829be9e39cfd5c98-FRA
expires: Wed, 22 Nov 2023 01:09:25 GMT

GET
H2 200 email-decode.min.js Show response
booking.thehiddensun.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 22ms
21ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.thehiddensun.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: booking.thehiddensun.com
URL: https://booking.thehiddensun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://booking.thehiddensun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65568fe4-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7l10VLo0PETjCr%2BS1vQ6qd7DagzWNlEc3UudUVyvLRG3NZlu52Cd47rhEemKsXSH3lCmeUbxvDCp2I%2BGtqX2KKtWM04OIHlFoVWM0iDcmCvExxcL%2BTZag27lxpbD3JSswMV9%2FRlFCFjWfM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 829be9e39b5a0e70-AMS
expires: Thu, 23 Nov 2023 21:09:25 GMT

GET
H2 200 inpage_published.js Show response
app.groove.cm/groovepages/js/ 31 KB
11 KB 30ms
29ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/js/inpage_published.js
Requested by: Host: booking.thehiddensun.com
URL: https://booking.thehiddensun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc49bd528b7ac0bbabc9571dff2ff8d60c56fa1e9dabbd5e30745117d18f6da5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://booking.thehiddensun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:09:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Nov 2023 02:30:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6093
etag: W/"65542d36-7c1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhmqrIVbS3mXhcKPsXBfQUawGVoyOanTztdIodFP9h4xSbh7jLkXQ6r6yengtyLddwUeIf8grLkBViIOLKn%2FaJwpaENVzQCZdLc6bPaidNGSRqRA%2BEQYsq6CD4EipFR2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 829be9e39c4c6575-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 720 KB
138 KB 29ms
28ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,700;0,900;1,400&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovepages/css/inpage_published.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

ac3126104672409eac25ec042685e1bd05b0bbd756895c50f581e350b87463a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 21:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 21:08:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 21:09:25 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 386ms
30ms Fetch
text/css 172.64.205.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.205.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://booking.thehiddensun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:09:26 GMT
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CyqPirtvr5GGzS17ClNw7H7%2B%2BQQetWNb8dfevKTlbKQBngAqqr%2FHxf6ZkRTW%2BFHBM95RL%2BkI8c0LP1PmfpHUwBVKGkW%2F5Bnur0ZseF%2BnG7bU6DoeQmCIiROaNqzEw9i5LsgZArpYMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 829be9e5ce045c45-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 1z_u0PnxmxTA5R6ljrRPACR_kbmC-SR2_rlI8Z0QWesTnQ-Ogr_AnA==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 384ms
28ms Fetch
text/css 172.64.205.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.205.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://booking.thehiddensun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:09:26 GMT
via: 1.1 c24bf4c03d36f2d43fb38710581fa0e6.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdXvRF83Uh7oHSblfMdmrnTUq2haAgO%2BeBnzNDyWthzKG0kAanfF3inC8DxkbH6MQBx7OB9oT3GyygcQWk6zIoSZsR31agzTWXyS2DAkxvh16AG31nE0LPZG9wXPWXkERzri0tloEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 829be9e5ce025c45-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 74YIysu2apCOa30wOvApN2W9JKH3Jc-kYzEP_DJfUrU2L-bHfNOJHw==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 383ms
27ms Fetch
text/css 172.64.205.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.205.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://booking.thehiddensun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:09:26 GMT
via: 1.1 76a2ca53c94ecdb2669e24612a611a48.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7t769pTPeE%2FCVKV%2BQzBE5agNmv7wcoDUz8HNpfVTLaBgkCKR%2BUBpYPmQ0yOTH1eKpQ15A1Ob4azobhcmabv0DjSW9n7nxWj2tnQnv5wgWsvoc0xOhtqClnzFKqQlIzYIIKDQCMSoEw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 829be9e5cdff5c45-AMS
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 5dceFUWVncRiI4vii7buwrRwne_0CC4lZ-4_VSAmC7Udwf0rgPS3rw==

GET
H2 200 matomo.js Show response
matomo.groovetech.io/ 64 KB
22 KB 402ms
29ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.js
Requested by: Host: booking.thehiddensun.com
URL: https://booking.thehiddensun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://booking.thehiddensun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:09:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 18:30:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 419
etag: W/"10132-6087a89895e40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IU6Cl0ISFddx3P%2BSBHecuhQOVCyLIys11u6IKvp69IOwEPBdVC4PAtcVBvuiHq5T8uOg%2FIdHTJ%2F4EJeiMXpZEPf3imeJHMT8%2FrkUAOfGmqy6p%2BckPvYNHLcCXOY2AoJIsET9vfLhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 829be9e5ec7f361e-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 548 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99d03512c39b3fca016da58460c9fd2f9f29a4b03306f655d4ac15525da872b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1647416301Kq4HnWQiSDk.jpg
assets.grooveapps.com/images/60071171d45ea9006f5ba74b/ 1 MB
1 MB 403ms
403ms Image
image/jpeg 104.18.20.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/60071171d45ea9006f5ba74b/1647416301Kq4HnWQiSDk.jpg
Requested by: Host: booking.thehiddensun.com
URL: https://booking.thehiddensun.com/index.css?v=1.1675216691
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.20.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 639e46010791c3523954635ceda2ff9e829589f5193ac47b874ec8d22bd12451

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://booking.thehiddensun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:09:26 GMT
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPrH0iBIb7e7z0gplJFdpX23s6Fr4_GOYgggV5pDsvWeEjRCq4q8IcGXNdY9dDLFx8lsy90
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 1398986
last-modified: Wed, 16 Mar 2022 07:38:42 GMT
server: cloudflare
etag: "b13cc484f5c5d03b6007b3e9841a9236"
vary: Accept-Encoding
x-goog-generation: 1647416322116999
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=qh7brQ==, md5=sTzEhPXF0DtgB7PphBqSNg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 1398986
accept-ranges: bytes
cf-ray: 829be9e4bde35c98-FRA
expires: Wed, 22 Nov 2023 01:09:26 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 386ms
36ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://booking.thehiddensun.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:13:02 GMT
x-content-type-options: nosniff
age: 345384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 21:13:02 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v17/ 12 KB
12 KB 389ms
39ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v17/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://booking.thehiddensun.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 15:04:36 GMT
x-content-type-options: nosniff
age: 281090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11796
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:48:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 15:04:36 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 370ms
21ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://booking.thehiddensun.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 02:27:46 GMT
x-content-type-options: nosniff
age: 326500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 02:27:46 GMT

POST
H2 204 matomo.php
matomo.groovetech.io/ 0
334 B 92ms
90ms Ping
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.php?action_name=booking.thehiddensun.com%2FThe%20Hidden%20Sun&idsite=4&rec=1&r=154459&h=22&m=9&s=26&url=https%3A%2F%2Fbooking.thehiddensun.com%2F&_id=bc14ae5e394747e8&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension1=61fbf586c9e6331d67340389&dimension2=4VKc9l5Pp&pv_id=jykmlC&pf_net=603&pf_srv=298&pf_tfr=169&pf_dm1=728&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.17
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://booking.thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Tue, 21 Nov 2023 21:09:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.17
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoZisafyKlyckwlNYDFER%2Bd9SEV0F9odW%2FAzMTHjQ2aLEzl5fUQiQDR%2FHYyatGJLn60QN0Tml2CM7ElpnsOmGXNrML06T2phr7OlVd3QsYAjYZv0MmDEV9DmXf7Qh8uWw5P2aSMDRA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://booking.thehiddensun.com
access-control-allow-credentials: true
cf-ray: 829be9e69d39361e-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
booking.thehiddensun.com/	1970-01-21 01:49:16	Name: _pk_id.4.aa61 Value: bc14ae5e394747e8.1700600966.
booking.thehiddensun.com/	1970-01-20 16:23:22	Name: _pk_ses.4.aa61 Value: 1
booking.thehiddensun.com/	1969-12-31 23:59:59	Name: hasVisitedPopupPage Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.groove.cm
assets.grooveapps.com
booking.thehiddensun.com
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
matomo.groovetech.io
tracking.groovesell.com
104.17.6.97
104.18.20.180
142.250.186.42
172.217.18.3
172.64.147.188
172.64.205.20
188.114.96.3
188.114.97.3
04c34861a8775a267d794d77018c726ad6777ae88fbee5468f5270b00239e82d
1245212aa1981391dd525eb7b4a51ea7e13d13623211bd42c8284a73ca343218
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
33b4896eb1e9e551d2d19b6f51f54e89ad38d44bdd1a674d101c7426189c8411
42bcdacb3c1840318a52edef9a364b9ddc80280455ad746020ccbcacfce43c3a
639e46010791c3523954635ceda2ff9e829589f5193ac47b874ec8d22bd12451
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7c0a4883b53636b271986f965fcedd7b3c96ee3164d64fa6e21eb3ee7121ef5c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
854089552effea393b7219cb3c4acaeaa0ee85a396e2e342313dac67fe47eb39
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
99d03512c39b3fca016da58460c9fd2f9f29a4b03306f655d4ac15525da872b2
9fbc7eca73eb2f825ab94bdae019484481f21f6ea06377ee3dd3165b9124ebb6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac3126104672409eac25ec042685e1bd05b0bbd756895c50f581e350b87463a3
c34b30be3d196a455f134497a33073b653ec4a297bfb43d4b6f9720219b1d50a
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc49bd528b7ac0bbabc9571dff2ff8d60c56fa1e9dabbd5e30745117d18f6da5
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

booking.thehiddensun.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

0 %IPv6

8 Domains

9 Subdomains

9 IPs

3 Countries

7684 kBTransfer

9628 kBSize

3 Cookies

4 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

3 Cookies

Indicators

booking.thehiddensun.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

9
IPs

3
Countries

7684 kB
Transfer

9628 kB
Size

3
Cookies

21 HTTP transactions
1 data transactions