hiddengem.reviews Open in urlscan Pro
23.111.185.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hiddengem.reviews/
Submission: On November 11 via api (November 11th 2024, 7:02:42 am UTC) from US — Scanned from CA

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 23.111.185.251, located in Tampa, United States and belongs to HVC-AS, US. The main domain is hiddengem.reviews.
TLS certificate: Issued by E5 on November 10th 2024. Valid for: 3 months.

This is the only time hiddengem.reviews was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	23.111.185.251 23.111.185.251	29802 (HVC-AS) (HVC-AS)
1 2	104.22.20.144 104.22.20.144	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.35.170 142.251.35.170	15169 (GOOGLE) (GOOGLE)
9 9	172.67.74.163 172.67.74.163	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	151.101.65.91 151.101.65.91	54113 (FASTLY) (FASTLY)
3	142.250.72.99 142.250.72.99	15169 (GOOGLE) (GOOGLE)
17	6

2 23.111.185.251 (Tampa, United States)

ASN29802 (HVC-AS, US)
PTR: 23-111-185-251.static.hvvc.us

hiddengem.reviews	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.20.144 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.tailwindcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.170 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.67.74.163 (United States) 9 redirects

ASN13335 (CLOUDFLARENET, US)

picsum.photos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.65.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

fastly.picsum.photos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.72.99 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	picsum.photos 9 redirects picsum.photos — Cisco Umbrella Rank: 73362 fastly.picsum.photos — Cisco Umbrella Rank: 100571	296 KB
3	gstatic.com fonts.gstatic.com	53 KB
2	tailwindcss.com 1 redirects cdn.tailwindcss.com — Cisco Umbrella Rank: 30555	124 KB
2	hiddengem.reviews hiddengem.reviews	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	15 KB
17	6

	Domain	Requested by
9	fastly.picsum.photos	hiddengem.reviews
9	picsum.photos	9 redirects
3	fonts.gstatic.com	fonts.googleapis.com
2	cdn.tailwindcss.com	1 redirects hiddengem.reviews
2	hiddengem.reviews
1	fonts.googleapis.com	hiddengem.reviews
1	cdnjs.cloudflare.com	hiddengem.reviews
17	7

This site contains links to these domains. Also see Links.

Domain
afternic.com

Subject Issuer	Validity	Valid
hiddengem.reviews E5	`2024-11-10` - `2025-02-08`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hiddengem.reviews/
Frame ID: 9D350C68A0AEF539F6970BDD49763FC5
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HiddenGem.Reviews - Exclusive Luxury Travel Experiences

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

17
Requests

41 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

486 kB
Transfer

837 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://afternic.com/domain/hiddengem.reviews
Title: Buy This Domain

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cdn.tailwindcss.com/ HTTP 302
https://cdn.tailwindcss.com/3.4.14

Request Chain 3

https://picsum.photos/1920/1080 HTTP 302
https://fastly.picsum.photos/id/814/1920/1080.jpg?hmac=EQPX3BZ5gp14O2lu9YJ1S9clf-X1Mc6_7Q99HVjOcHU

Request Chain 4

https://picsum.photos/400/300 HTTP 302
https://fastly.picsum.photos/id/1063/400/300.jpg?hmac=7geNWqIcnbSzijrWUf0KCRwy-LWWop1e89sjYygm_8Y

Request Chain 5

https://picsum.photos/401/300 HTTP 302
https://fastly.picsum.photos/id/96/401/300.jpg?hmac=FiEh_yPBUOl9eUhBIdRvVRfJgbrrxU8nlPLZP4FeI9Y

Request Chain 6

https://picsum.photos/402/300 HTTP 302
https://fastly.picsum.photos/id/179/402/300.jpg?hmac=Kodi-lRWRmKBTTIVI9VTqsBlrADwSsP1ZiC_yHgWEoo

Request Chain 7

https://picsum.photos/300/300 HTTP 302
https://fastly.picsum.photos/id/104/300/300.jpg?hmac=an6YknFUfFLQ6NJ-iOB4rHkNlO3D32D1U7Sy83uuXpM

Request Chain 8

https://picsum.photos/301/300 HTTP 302
https://fastly.picsum.photos/id/242/301/300.jpg?hmac=wLzRhnvi7PUQ4czY_6BhXy-B3E5gwpxOe7KH-My_yIA

Request Chain 9

https://picsum.photos/302/300 HTTP 302
https://fastly.picsum.photos/id/235/302/300.jpg?hmac=pXHEKN_zcgDysBzkWcSfmSmtid2DHnt9ZbhJ5IiQlO4

Request Chain 10

https://picsum.photos/500/300 HTTP 302
https://fastly.picsum.photos/id/292/500/300.jpg?hmac=g6c0N1WLJbtvNdACe4VMmiB8ud88jCRsW4O3JvMpTy8

Request Chain 11

https://picsum.photos/501/300 HTTP 302
https://fastly.picsum.photos/id/655/501/300.jpg?hmac=SZ9zWLDR8BIUH1-lERnNMM267b0Rf4MtRZ1isn49ObE

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hiddengem.reviews/ 12 KB
3 KB 466ms
112ms Document
text/html 23.111.185.251
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hiddengem.reviews/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.185.251 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 23-111-185-251.static.hvvc.us
Software: openresty /
Resource Hash: 2d4b93309aa7985f6fb22e33e8461814faa2ac7e9fc0f454a2e6f260fb21953e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 11 Nov 2024 07:02:34 GMT
server: openresty
x-served-by: hiddengem.reviews

GET
H2

200

3.4.14 Show response
cdn.tailwindcss.com/
Redirect Chain

https://cdn.tailwindcss.com/
https://cdn.tailwindcss.com/3.4.14

396 KB
124 KB

30ms
25ms

Script
text/javascript

104.22.20.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tailwindcss.com/3.4.14

Requested by

Host: hiddengem.reviews
URL: https://hiddengem.reviews/

Protocol

Server

104.22.20.144 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e13fc042236bf75a9d01bbfdf1c2c2fc71d439637bcbdda1387446b4d2ff33f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hiddengem.reviews/

Response headers

server: cloudflare
strict-transport-security: max-age=63072000
cache-control: max-age=31536000
content-encoding: br
x-vercel-cache: MISS
cf-cache-status: HIT
age: 514250
cf-ray: 8e0c6ae2fd3fa21d-YYZ
date: Mon, 11 Nov 2024 07:02:34 GMT
content-type: text/javascript
last-modified: Tue, 29 Oct 2024 00:27:00 GMT
vary: Accept-Encoding
x-vercel-id: cle1::iad1::kxrpf-1730161619683-fc6a4a794a22

Redirect headers

strict-transport-security: max-age=63072000
cache-control: max-age=14400
location: /3.4.14
x-vercel-cache: MISS
cf-cache-status: HIT
age: 12
cf-ray: 8e0c6ae2ad01a21d-YYZ
date: Mon, 11 Nov 2024 07:02:34 GMT
vary: Accept-Encoding
server: cloudflare
x-vercel-id: cle1::iad1::gqtrd-1731308011047-2eb8529db1d0

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/ 82 KB
15 KB 256ms
54ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Requested by

Host: hiddengem.reviews
URL: https://hiddengem.reviews/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hiddengem.reviews/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "619c057b-3a02"
age: 513129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w9ZZOAgwgZBdXZcqhia0yUN1Z3yGTREsQ5S%2BzG0UmnLgJDtggIlBEJpL3p6KYnxoGYOPN3e%2FkE1db9brWaWIUUgF1xo%2FKXjDIU4t5cMep3b1KuyoMaHPDTqH%2FnTsMJ%2BXyRX9FEZR"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 01 Nov 2025 07:02:34 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 07:02:34 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e0c6ae16ab0aa9b-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14850
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 580ms
52ms Stylesheet
text/css 142.251.35.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Playfair+Display:wght@400;700&family=Poppins:wght@300;400;600&display=swap

Requested by

Host: hiddengem.reviews
URL: https://hiddengem.reviews/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.170 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f10.1e100.net

Software

ESF /

Resource Hash

8fdd3ebf14b37decc01c09e77f3c107723796898330e214bc67861cdd9d0dd98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hiddengem.reviews/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 11 Nov 2024 07:02:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 07:02:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 11 Nov 2024 07:02:34 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2

200

1080.jpg
fastly.picsum.photos/id/814/1920/
Redirect Chain

https://picsum.photos/1920/1080
https://fastly.picsum.photos/id/814/1920/1080.jpg?hmac=EQPX3BZ5gp14O2lu9YJ1S9clf-X1Mc6_7Q99HVjOcHU

145 KB
145 KB

95ms
18ms

Image
image/jpeg

151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastly.picsum.photos/id/814/1920/1080.jpg?hmac=EQPX3BZ5gp14O2lu9YJ1S9clf-X1Mc6_7Q99HVjOcHU
Requested by: Host: hiddengem.reviews
URL: https://hiddengem.reviews/
Protocol: H2
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 36356fec1e06ebb73b9514064de73249c2d1b84f6c51e9d1a82f060758245a65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hiddengem.reviews/

Response headers

age: 490140
picsum-id: 814
x-cache: HIT
date: Mon, 11 Nov 2024 07:02:35 GMT
content-type: image/jpeg
vary: Origin
x-cache-hits: 0
content-disposition: inline; filename="814-1920x1080.jpg"
x-served-by: cache-yyz4565-YYZ
cache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
timing-allow-origin: *
x-timer: S1731308555.105897,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
content-length: 148126
server: nginx

Redirect headers

strict-transport-security: max-age=15552000
cache-control: private, no-cache, no-store, must-revalidate
location: https://fastly.picsum.photos/id/814/1920/1080.jpg?hmac=EQPX3BZ5gp14O2lu9YJ1S9clf-X1Mc6_7Q99HVjOcHU
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5H9rqHmgROR%2Byz2jiT%2FpHx7zMplePFjVlD7yA2PlS%2F5%2B5X8I4CXChesOVOge%2FvLVfiC58lHwrcEgNvbpm%2F8pO41JNaKKwTfg3KoK0S7o0wxCMVSkT5vM22BBa9UC0gE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e0c6ae1c9c0a217-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22139&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4331&recv_bytes=4831&delivery_rate=466&cwnd=12000&unsent_bytes=0&cid=cc4322afe122b4ac&ts=629&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Mon, 11 Nov 2024 07:02:34 GMT
vary: Origin
server: cloudflare
priority: u=2,i

GET
H2

200

300.jpg
fastly.picsum.photos/id/1063/400/
Redirect Chain

https://picsum.photos/400/300
https://fastly.picsum.photos/id/1063/400/300.jpg?hmac=7geNWqIcnbSzijrWUf0KCRwy-LWWop1e89sjYygm_8Y

30 KB
30 KB

707ms
631ms

Image
image/jpeg

151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastly.picsum.photos/id/1063/400/300.jpg?hmac=7geNWqIcnbSzijrWUf0KCRwy-LWWop1e89sjYygm_8Y
Requested by: Host: hiddengem.reviews
URL: https://hiddengem.reviews/
Protocol: H2
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ad588bfd05ecb8ad242852942a74115b87bae2272170f0ba326deb743752a05a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hiddengem.reviews/

Response headers

age: 0
picsum-id: 1063
x-cache: MISS
date: Mon, 11 Nov 2024 07:02:35 GMT
content-type: image/jpeg
vary: Origin
x-cache-hits: 0
content-disposition: inline; filename="1063-400x300.jpg"
x-served-by: cache-yyz4565-YYZ
cache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
timing-allow-origin: *
x-timer: S1731308555.106267,VS0,VE613
via: 1.1 varnish
accept-ranges: bytes
content-length: 30531
server: nginx

Redirect headers

strict-transport-security: max-age=15552000
cache-control: private, no-cache, no-store, must-revalidate
location: https://fastly.picsum.photos/id/1063/400/300.jpg?hmac=7geNWqIcnbSzijrWUf0KCRwy-LWWop1e89sjYygm_8Y
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ybl4vX5d4Bpu8oKqypTzvnTnoH5oPHkvj1T58f696HyVCSN94bqCh77QZwC0lE4x5zsOSq24Nu%2BsZoHuEAoxvkkme60ADkjopCaDRuZ0AeIBZhtrPunty7DBuVRDiJM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e0c6ae1c9bda217-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22139&sent=14&recv=12&lost=0&retrans=0&sent_bytes=5098&recv_bytes=4831&delivery_rate=466&cwnd=12000&unsent_bytes=0&cid=cc4322afe122b4ac&ts=633&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Mon, 11 Nov 2024 07:02:34 GMT
vary: Origin
server: cloudflare
priority: u=2,i

GET
H2

200

300.jpg
fastly.picsum.photos/id/96/401/
Redirect Chain

https://picsum.photos/401/300
https://fastly.picsum.photos/id/96/401/300.jpg?hmac=FiEh_yPBUOl9eUhBIdRvVRfJgbrrxU8nlPLZP4FeI9Y

9 KB
9 KB

570ms
532ms

Image
image/jpeg

151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastly.picsum.photos/id/96/401/300.jpg?hmac=FiEh_yPBUOl9eUhBIdRvVRfJgbrrxU8nlPLZP4FeI9Y
Requested by: Host: hiddengem.reviews
URL: https://hiddengem.reviews/
Protocol: H2
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5f4ff1a8424c380d1e759f8845b1f9e1bb7a5a6f6d26f7246616ef5f74125924

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hiddengem.reviews/

Response headers

age: 0
picsum-id: 96
x-cache: MISS
date: Mon, 11 Nov 2024 07:02:35 GMT
content-type: image/jpeg
vary: Origin
x-cache-hits: 0
content-disposition: inline; filename="96-401x300.jpg"
x-served-by: cache-yyz4565-YYZ
cache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
timing-allow-origin: *
x-timer: S1731308555.106564,VS0,VE511
via: 1.1 varnish
accept-ranges: bytes
content-length: 9369
server: nginx

Redirect headers

strict-transport-security: max-age=15552000
cache-control: private, no-cache, no-store, must-revalidate
location: https://fastly.picsum.photos/id/96/401/300.jpg?hmac=FiEh_yPBUOl9eUhBIdRvVRfJgbrrxU8nlPLZP4FeI9Y
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hexysMPk5FO%2F5cPsF8tqzqia8on9gFPiAq6AjzKplh%2Bjy72pj%2B4tPNzxGjxI%2BWZnjoIdvEfLzA8CjYLRItMFJlPrnbTH08MHh9NXS4HM7eo49u0kly38HAdq3bThq9I%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e0c6ae43b1aa217-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22061&sent=17&recv=20&lost=0&retrans=0&sent_bytes=5869&recv_bytes=7218&delivery_rate=69026&cwnd=12000&unsent_bytes=0&cid=cc4322afe122b4ac&ts=766&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Mon, 11 Nov 2024 07:02:35 GMT
vary: Origin
server: cloudflare
priority: u=2,i

GET
H2

200

300.jpg
fastly.picsum.photos/id/179/402/
Redirect Chain

https://picsum.photos/402/300
https://fastly.picsum.photos/id/179/402/300.jpg?hmac=Kodi-lRWRmKBTTIVI9VTqsBlrADwSsP1ZiC_yHgWEoo

16 KB
16 KB

631ms
594ms

Image
image/jpeg

151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastly.picsum.photos/id/179/402/300.jpg?hmac=Kodi-lRWRmKBTTIVI9VTqsBlrADwSsP1ZiC_yHgWEoo
Requested by: Host: hiddengem.reviews
URL: https://hiddengem.reviews/
Protocol: H2
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 295be27cad8c4a90721f256f6d77966c7786a030efa8c7081416c0b9b4d6e732

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hiddengem.reviews/

Response headers

age: 0
picsum-id: 179
x-cache: MISS
date: Mon, 11 Nov 2024 07:02:35 GMT
content-type: image/jpeg
vary: Origin
x-cache-hits: 0
content-disposition: inline; filename="179-402x300.jpg"
x-served-by: cache-yyz4565-YYZ
cache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
timing-allow-origin: *
x-timer: S1731308555.106198,VS0,VE576
via: 1.1 varnish
accept-ranges: bytes
content-length: 16030
server: nginx

Redirect headers

strict-transport-security: max-age=15552000
cache-control: private, no-cache, no-store, must-revalidate
location: https://fastly.picsum.photos/id/179/402/300.jpg?hmac=Kodi-lRWRmKBTTIVI9VTqsBlrADwSsP1ZiC_yHgWEoo
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7d%2BhWh%2FS1No3ZJSiJfLO5avZDUnpO3QK1%2F97ooFLXbQy7qYhVC8LsGt84wI54xcPbKSUi86jgYN8%2FJtpcuglWuBP5C8w8tVLs5b2nQe3Z390ESNLIg%2FXNcY%2FGBFhPFY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e0c6ae43b1ba217-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22061&sent=18&recv=20&lost=0&retrans=0&sent_bytes=6599&recv_bytes=7218&delivery_rate=69026&cwnd=12000&unsent_bytes=0&cid=cc4322afe122b4ac&ts=767&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Mon, 11 Nov 2024 07:02:35 GMT
vary: Origin
server: cloudflare
priority: u=2,i

GET
H2

200

300.jpg
fastly.picsum.photos/id/104/300/
Redirect Chain

https://picsum.photos/300/300
https://fastly.picsum.photos/id/104/300/300.jpg?hmac=an6YknFUfFLQ6NJ-iOB4rHkNlO3D32D1U7Sy83uuXpM

12 KB
12 KB

58ms
20ms

Image
image/jpeg

151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastly.picsum.photos/id/104/300/300.jpg?hmac=an6YknFUfFLQ6NJ-iOB4rHkNlO3D32D1U7Sy83uuXpM
Requested by: Host: hiddengem.reviews
URL: https://hiddengem.reviews/
Protocol: H2
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 128579c202322db0a5bf4445e43439f395ce06820961d0536b005213dedab457

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hiddengem.reviews/

Response headers

age: 1159918
picsum-id: 104
x-cache: HIT
date: Mon, 11 Nov 2024 07:02:35 GMT
content-type: image/jpeg
vary: Origin
x-cache-hits: 0
content-disposition: inline; filename="104-300x300.jpg"
x-served-by: cache-yyz4565-YYZ
cache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
timing-allow-origin: *
x-timer: S1731308555.106541,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
content-length: 12651
server: nginx

Redirect headers

strict-transport-security: max-age=15552000
cache-control: private, no-cache, no-store, must-revalidate
location: https://fastly.picsum.photos/id/104/300/300.jpg?hmac=an6YknFUfFLQ6NJ-iOB4rHkNlO3D32D1U7Sy83uuXpM
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0R00t4icNHgd%2BYdQ3ZsvsNnc9G2qhGmLG2YtI4bMjuQLVS%2F%2FKa5u4ElhJEtI%2FRQ%2BEcAn9O%2FS2zXHJQlwuVfpzs3rZn4UaSZtrE3T1vDkz53%2FHmhk8iA8lmvo%2F1j39tA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e0c6ae43b1ca217-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22061&sent=19&recv=20&lost=0&retrans=0&sent_bytes=7331&recv_bytes=7218&delivery_rate=69026&cwnd=12000&unsent_bytes=0&cid=cc4322afe122b4ac&ts=767&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Mon, 11 Nov 2024 07:02:35 GMT
vary: Origin
server: cloudflare
priority: u=2,i

GET
H2

200

300.jpg
fastly.picsum.photos/id/242/301/
Redirect Chain

https://picsum.photos/301/300
https://fastly.picsum.photos/id/242/301/300.jpg?hmac=wLzRhnvi7PUQ4czY_6BhXy-B3E5gwpxOe7KH-My_yIA

16 KB
16 KB

660ms
627ms

Image
image/jpeg

151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastly.picsum.photos/id/242/301/300.jpg?hmac=wLzRhnvi7PUQ4czY_6BhXy-B3E5gwpxOe7KH-My_yIA
Requested by: Host: hiddengem.reviews
URL: https://hiddengem.reviews/
Protocol: H2
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e35f3c582025949abbcdee0a596e92cff9bea6d490209c40c334b0999bd467ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hiddengem.reviews/

Response headers

age: 0
picsum-id: 242
x-cache: MISS
date: Mon, 11 Nov 2024 07:02:35 GMT
content-type: image/jpeg
vary: Origin
x-cache-hits: 0
content-disposition: inline; filename="242-301x300.jpg"
x-served-by: cache-yyz4565-YYZ
cache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
timing-allow-origin: *
x-timer: S1731308555.106510,VS0,VE600
via: 1.1 varnish
accept-ranges: bytes
content-length: 16631
server: nginx

Redirect headers

strict-transport-security: max-age=15552000
cache-control: private, no-cache, no-store, must-revalidate
location: https://fastly.picsum.photos/id/242/301/300.jpg?hmac=wLzRhnvi7PUQ4czY_6BhXy-B3E5gwpxOe7KH-My_yIA
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lwFquy7vV8XJs5FmzJFErVfmcJljhTk3hiOchm91FBY%2BEPBcJZSOApTiYzOJ1LE8xzTi9g1ExMyPO2gh5lXAS974F5oOdBycoED09NXjh%2FNa632%2BjfoAoaKyM4GwIP4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e0c6ae43b1da217-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22061&sent=20&recv=20&lost=0&retrans=0&sent_bytes=8065&recv_bytes=7218&delivery_rate=69026&cwnd=12000&unsent_bytes=0&cid=cc4322afe122b4ac&ts=769&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Mon, 11 Nov 2024 07:02:35 GMT
vary: Origin
server: cloudflare
priority: u=3,i

GET
H2

200

300.jpg
fastly.picsum.photos/id/235/302/
Redirect Chain

https://picsum.photos/302/300
https://fastly.picsum.photos/id/235/302/300.jpg?hmac=pXHEKN_zcgDysBzkWcSfmSmtid2DHnt9ZbhJ5IiQlO4

13 KB
13 KB

512ms
511ms

Image
image/jpeg

151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastly.picsum.photos/id/235/302/300.jpg?hmac=pXHEKN_zcgDysBzkWcSfmSmtid2DHnt9ZbhJ5IiQlO4
Requested by: Host: hiddengem.reviews
URL: https://hiddengem.reviews/
Protocol: H2
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a475743f4d79dcef918c5f6c2eb9d85a70295af9c7478eaa9751e7730a2175af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hiddengem.reviews/

Response headers

age: 0
picsum-id: 235
x-cache: MISS
date: Mon, 11 Nov 2024 07:02:35 GMT
content-type: image/jpeg
vary: Origin
x-cache-hits: 0
content-disposition: inline; filename="235-302x300.jpg"
x-served-by: cache-yyz4565-YYZ
cache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
timing-allow-origin: *
x-timer: S1731308555.196485,VS0,VE493
via: 1.1 varnish
accept-ranges: bytes
content-length: 12979
server: nginx

Redirect headers

strict-transport-security: max-age=15552000
cache-control: private, no-cache, no-store, must-revalidate
location: https://fastly.picsum.photos/id/235/302/300.jpg?hmac=pXHEKN_zcgDysBzkWcSfmSmtid2DHnt9ZbhJ5IiQlO4
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iiRirwqmLrzf5lNaYcOriuB%2BXO6KAIVetzuoB6iF12S8voWRe9b4cqAB%2Fnx3VZ%2BZp5uMi6nw1ixEs1LBCyu27NDQJjEumU9WJ4%2B9%2BDjKd2mUxX9wbej0yL3AoT5i6LI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e0c6ae4fb90a217-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24112&sent=21&recv=22&lost=0&retrans=0&sent_bytes=8793&recv_bytes=7304&delivery_rate=100747&cwnd=12000&unsent_bytes=0&cid=cc4322afe122b4ac&ts=892&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Mon, 11 Nov 2024 07:02:35 GMT
vary: Origin
server: cloudflare
priority: u=3,i

GET
H2

200

300.jpg
fastly.picsum.photos/id/292/500/
Redirect Chain

https://picsum.photos/500/300
https://fastly.picsum.photos/id/292/500/300.jpg?hmac=g6c0N1WLJbtvNdACe4VMmiB8ud88jCRsW4O3JvMpTy8

20 KB
21 KB

603ms
601ms

Image
image/jpeg

151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastly.picsum.photos/id/292/500/300.jpg?hmac=g6c0N1WLJbtvNdACe4VMmiB8ud88jCRsW4O3JvMpTy8
Requested by: Host: hiddengem.reviews
URL: https://hiddengem.reviews/
Protocol: H2
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 85374a2c638039c7cd643906af6a7c6b159a03ff361c6310953b489efa2c0922

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hiddengem.reviews/

Response headers

age: 0
picsum-id: 292
x-cache: MISS
date: Mon, 11 Nov 2024 07:02:35 GMT
content-type: image/jpeg
vary: Origin
x-cache-hits: 0
content-disposition: inline; filename="292-500x300.jpg"
x-served-by: cache-yyz4565-YYZ
cache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
timing-allow-origin: *
x-timer: S1731308555.196524,VS0,VE582
via: 1.1 varnish
accept-ranges: bytes
content-length: 20870
server: nginx

Redirect headers

strict-transport-security: max-age=15552000
cache-control: private, no-cache, no-store, must-revalidate
location: https://fastly.picsum.photos/id/292/500/300.jpg?hmac=g6c0N1WLJbtvNdACe4VMmiB8ud88jCRsW4O3JvMpTy8
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5r0mdpa028bOHQECQX5kHEmnxPXQA7thkSBrOcFDmlFhs2pkdmeGCmwrer1Secrq%2FAqdPnL5jGa4TAXqlWyrluZ0HAJMxznRMZZfrP3H4Q9S0UajUCtzhtoCMEp9qTM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e0c6ae4fb91a217-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24112&sent=22&recv=22&lost=0&retrans=0&sent_bytes=9523&recv_bytes=7304&delivery_rate=100747&cwnd=12000&unsent_bytes=0&cid=cc4322afe122b4ac&ts=892&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Mon, 11 Nov 2024 07:02:35 GMT
vary: Origin
server: cloudflare
priority: u=3,i

GET
H2

200

300.jpg
fastly.picsum.photos/id/655/501/
Redirect Chain

https://picsum.photos/501/300
https://fastly.picsum.photos/id/655/501/300.jpg?hmac=SZ9zWLDR8BIUH1-lERnNMM267b0Rf4MtRZ1isn49ObE

27 KB
27 KB

631ms
630ms

Image
image/jpeg

151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastly.picsum.photos/id/655/501/300.jpg?hmac=SZ9zWLDR8BIUH1-lERnNMM267b0Rf4MtRZ1isn49ObE
Requested by: Host: hiddengem.reviews
URL: https://hiddengem.reviews/
Protocol: H2
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5d8637df0a1818630331f957af558bd87c4829f68da6ae2328c30956044fdc93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hiddengem.reviews/

Response headers

age: 0
picsum-id: 655
x-cache: MISS
date: Mon, 11 Nov 2024 07:02:35 GMT
content-type: image/jpeg
vary: Origin
x-cache-hits: 0
content-disposition: inline; filename="655-501x300.jpg"
x-served-by: cache-yyz4565-YYZ
cache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
timing-allow-origin: *
x-timer: S1731308555.196595,VS0,VE605
via: 1.1 varnish
accept-ranges: bytes
content-length: 27975
server: nginx

Redirect headers

strict-transport-security: max-age=15552000
cache-control: private, no-cache, no-store, must-revalidate
location: https://fastly.picsum.photos/id/655/501/300.jpg?hmac=SZ9zWLDR8BIUH1-lERnNMM267b0Rf4MtRZ1isn49ObE
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s6%2Ff3Qc15axHB9khGt7aJn7TVnsvBf9AyGBsBnsIb6mvOwoRhMVfrhrgCvAek%2BNSK3AqveMRvn4Uc18Tg%2FvC2BN%2FgA890g%2BPbCJ0y038kkvfrZBxLbiEoE86Y5LXXHA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e0c6ae4fb94a217-YYZ
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24112&sent=23&recv=22&lost=0&retrans=0&sent_bytes=10248&recv_bytes=7304&delivery_rate=100747&cwnd=12000&unsent_bytes=0&cid=cc4322afe122b4ac&ts=893&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Mon, 11 Nov 2024 07:02:35 GMT
vary: Origin
server: cloudflare
priority: u=3,i

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 84ms
33ms Font
font/woff2 142.250.72.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:wght@400;700&family=Poppins:wght@300;400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f3.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://hiddengem.reviews
Referer: https://fonts.googleapis.com/

Response headers

age: 412742
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 12:23:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 12:23:33 GMT
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8000
x-xss-protection: 0
server: sffe

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 102ms
51ms Font
font/woff2 142.250.72.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:wght@400;700&family=Poppins:wght@300;400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://hiddengem.reviews
Referer: https://fonts.googleapis.com/

Response headers

age: 299887
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 07 Nov 2025 19:44:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 19:44:28 GMT
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H3 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 37 KB
38 KB 88ms
38ms Font
font/woff2 142.250.72.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:wght@400;700&family=Poppins:wght@300;400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f3.1e100.net

Software

sffe /

Resource Hash

cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://hiddengem.reviews
Referer: https://fonts.googleapis.com/

Response headers

age: 299316
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 07 Nov 2025 19:53:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 07 Nov 2024 19:53:59 GMT
last-modified: Wed, 31 Jan 2024 23:15:02 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38372
x-xss-protection: 0
server: sffe

GET
H2 404 favicon.ico
hiddengem.reviews/ 232 B
287 B 69ms
68ms Other
text/html 23.111.185.251
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hiddengem.reviews/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.185.251 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 23-111-185-251.static.hvvc.us
Software: openresty /
Resource Hash: 9177a352dcbf8875ebb2e22e682760d47faa4d77398add153dd7084e7568c5bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hiddengem.reviews/

Response headers

content-encoding: gzip
date: Mon, 11 Nov 2024 07:02:35 GMT
content-type: text/html; charset=utf-8
server: openresty

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| tailwind string| /template.html

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hiddengem.reviews/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tailwindcss.com
cdnjs.cloudflare.com
fastly.picsum.photos
fonts.googleapis.com
fonts.gstatic.com
hiddengem.reviews
picsum.photos
104.17.24.14
104.22.20.144
142.250.72.99
142.251.35.170
151.101.65.91
172.67.74.163
23.111.185.251
128579c202322db0a5bf4445e43439f395ce06820961d0536b005213dedab457
295be27cad8c4a90721f256f6d77966c7786a030efa8c7081416c0b9b4d6e732
2d4b93309aa7985f6fb22e33e8461814faa2ac7e9fc0f454a2e6f260fb21953e
36356fec1e06ebb73b9514064de73249c2d1b84f6c51e9d1a82f060758245a65
5d8637df0a1818630331f957af558bd87c4829f68da6ae2328c30956044fdc93
5f4ff1a8424c380d1e759f8845b1f9e1bb7a5a6f6d26f7246616ef5f74125924
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
85374a2c638039c7cd643906af6a7c6b159a03ff361c6310953b489efa2c0922
8fdd3ebf14b37decc01c09e77f3c107723796898330e214bc67861cdd9d0dd98
9177a352dcbf8875ebb2e22e682760d47faa4d77398add153dd7084e7568c5bc
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
a475743f4d79dcef918c5f6c2eb9d85a70295af9c7478eaa9751e7730a2175af
ad588bfd05ecb8ad242852942a74115b87bae2272170f0ba326deb743752a05a
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
e13fc042236bf75a9d01bbfdf1c2c2fc71d439637bcbdda1387446b4d2ff33f8
e35f3c582025949abbcdee0a596e92cff9bea6d490209c40c334b0999bd467ed
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

hiddengem.reviews Open in urlscan Pro 23.111.185.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

41 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

6 IPs

2 Countries

486 kBTransfer

837 kBSize

0 Cookies

1 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

hiddengem.reviews Open in urlscan Pro
23.111.185.251 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

41 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

486 kB
Transfer

837 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions