hiddenlayerpost.pages.dev Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hiddenlayerpost.pages.dev/
Submission: On October 01 via automatic, source certstream-suspicious (October 1st 2022, 3:14:14 pm UTC) — Scanned from NL

Summary HTTP 15 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is hiddenlayerpost.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on October 1st 2022. Valid for: 3 months.

This is the only time hiddenlayerpost.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.180.234 142.250.180.234	15169 (GOOGLE) (GOOGLE)
8	52.216.229.181 52.216.229.181	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
15	4

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

hiddenlayerpost.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.234 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.216.229.181 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	amazonaws.com s3.amazonaws.com	434 KB
4	pages.dev hiddenlayerpost.pages.dev	9 KB
2	gstatic.com fonts.gstatic.com	36 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	1 KB
15	4

	Domain	Requested by
8	s3.amazonaws.com	hiddenlayerpost.pages.dev
4	hiddenlayerpost.pages.dev	hiddenlayerpost.pages.dev
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	hiddenlayerpost.pages.dev
15	4

This site contains links to these domains. Also see Links.

Domain
slides.com
sitanshushekhar.com.np
twitter.com
lesscss.org
help.slides.com

Subject Issuer	Validity	Valid
*.hiddenlayerpost.pages.dev GTS CA 1P5	`2022-10-01` - `2022-12-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hiddenlayerpost.pages.dev/
Frame ID: 7B39CBAE80E82F886AEB80B1631FDA04
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Progress Nav

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

480 kB
Transfer

494 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://slides.com/developers
Title: slides.com/developers

Search URL Search Domain Scan URL

URL: http://sitanshushekhar.com.np/
Title: sitanshushkehar.com.np

Search URL Search Domain Scan URL

URL: http://twitter.com/mrsitanshu
Title: @mrsitanshu

Search URL Search Domain Scan URL

URL: http://lesscss.org/
Title: LESS

Search URL Search Domain Scan URL

URL: http://help.slides.com/knowledgebase/articles/1077976-custom-fonts-pro
Title: Find out more

Search URL Search Domain Scan URL

URL: https://twitter.com/hakimel
Title: Follow @mrsitanshu

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hiddenlayerpost.pages.dev/ 13 KB
4 KB 462ms
387ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hiddenlayerpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5f81b2418b09562c080a589618f40854ae5c3ac77a4ccb75c9efbcfa6362384

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 753625754ac490c1-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 01 Oct 2022 15:14:09 GMT
etag: W/"170a412964af6cac2942d4a19b39b2fc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhBkg%2B20HaibrsTs9OYAx3XYFdS7zDgH03B7OUUdWhNjFwwFNmUQzfpdJF4wTttOZ4XP15H8o8cCtGtDTED0TXDqlAtigyr2tkbjFdb0sC3lBCJrbyZvnaecMlObMOF7zwXG2%2BKs4IJXvORcJMYimh3D%2FKFCcOAG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 475ms
63ms Stylesheet
text/css 142.250.180.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre|Roboto

Requested by

Host: hiddenlayerpost.pages.dev
URL: https://hiddenlayerpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f10.1e100.net

Software

ESF /

Resource Hash

01c2d31beebee82081d79748071672526ddf18a9377e882f5378046b7248a1d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hiddenlayerpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 01 Oct 2022 15:14:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 01 Oct 2022 15:14:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 Oct 2022 15:14:09 GMT

GET
H2 200 normalize.css
hiddenlayerpost.pages.dev/ 8 KB
3 KB 385ms
380ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hiddenlayerpost.pages.dev/normalize.css

Requested by

Host: hiddenlayerpost.pages.dev
URL: https://hiddenlayerpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa348e08b1bd315ba35da0ec2667d741026f41355986d687878831b72c7d520a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hiddenlayerpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:14:09 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5483411e67634232e5194b09dd0031ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=luCqGdL1um4LkkaIAzSWNvnC1IHzYCQ2%2BTMNz%2BPmR9l23YKfqpb5D%2B6dAE7OoKX47Icjq9oHWpbiJtRAqu1pLSao8v4DNvbY7TZbsCTntweCs%2BvQfnnW0sO5FjUbI0WinZsYDTecVO7FISnAyAjGA1nELzLQdGA6"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 75362577ce3590c1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
hiddenlayerpost.pages.dev/ 1 KB
861 B 389ms
384ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hiddenlayerpost.pages.dev/style.css

Requested by

Host: hiddenlayerpost.pages.dev
URL: https://hiddenlayerpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7d1ca3ab5751ae4541c3e68ff8ab61820b0ae7ba4aa5adf5cbe23700dcf6ebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hiddenlayerpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:14:09 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"13e653545d8d254881c69c6740515c55"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDsaNTg6s2tjyHBnY05xQFOpPRrt9mU6wGQlCX%2FsgImbGgyZYSV9OonssXCm7G3uih4pZnPWNj5Xo5KnTDr8qAftU7gh8QVr%2FJEmHqDuImr1LFyHDE1b0GdI6o50C6UHyNfmmp8TEa%2F%2FXNuWugQNaF3jCN6PS3ns"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 75362577ce3690c1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK slides-developer-mode-1.png
s3.amazonaws.com/static.slid.es/site/developers/ 20 KB
20 KB 506ms
143ms Image
image/png 52.216.229.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/static.slid.es/site/developers/slides-developer-mode-1.png
Requested by: Host: hiddenlayerpost.pages.dev
URL: https://hiddenlayerpost.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.229.181 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b6100e701a1ac194c0f196d8c2ca27fa204f6feb2f8d0ef45879c5dfcc4d026c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hiddenlayerpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 15:14:10 GMT
Last-Modified: Tue, 31 May 2016 10:32:07 GMT
Server: AmazonS3
x-amz-request-id: 2Y6S8S4EX8TA58HD
ETag: "d6d1650b75d5df2ca111dd6c8c86a4a9"
Content-Type: image/png
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 20246
x-amz-id-2: NHhJGU8ZAqbnKMRd/9E1OvdATjpeuoZTtU9FSzziw289j8a/ewbINAJH2OJjdH4173cAegVRDOo=

GET
H/1.1 200
OK slides-developer-mode-2.png
s3.amazonaws.com/static.slid.es/site/developers/ 13 KB
13 KB 696ms
138ms Image
image/png 52.216.229.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/static.slid.es/site/developers/slides-developer-mode-2.png
Requested by: Host: hiddenlayerpost.pages.dev
URL: https://hiddenlayerpost.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.229.181 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 264fb1f8f8d7b921c89ff82f4509d92aa9c99ac1dce872af0cb886b808e90904

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hiddenlayerpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 15:14:10 GMT
Last-Modified: Tue, 31 May 2016 10:32:07 GMT
Server: AmazonS3
x-amz-request-id: 2Y6VF7K9D4VH1VVB
ETag: "765c93b45efd25da4ceccb4c23da90bd"
Content-Type: image/png
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 13103
x-amz-id-2: 2VRmx8+2LG/eTQQf0yU6szF94DymqDF/VI/ajjEnKdlNwDHhyTZV4ud+UNhyAaO37GNvFnuPQUM=

GET
H/1.1 200
OK slides-developer-mode-3.png
s3.amazonaws.com/static.slid.es/site/developers/ 17 KB
18 KB 693ms
133ms Image
image/png 52.216.229.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/static.slid.es/site/developers/slides-developer-mode-3.png
Requested by: Host: hiddenlayerpost.pages.dev
URL: https://hiddenlayerpost.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.229.181 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d6fa90dcb0c7df10d4bd047a6588ddbe7515875aa74480e6e3d86f7f107db17b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hiddenlayerpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 15:14:10 GMT
Last-Modified: Tue, 31 May 2016 10:32:07 GMT
Server: AmazonS3
x-amz-request-id: 2Y6YSGFD8YFV1EHJ
ETag: "264047a98cccea230e0f09cb413bd5f1"
Content-Type: image/png
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 17911
x-amz-id-2: 911B4kXf1C2WIDOLsLgxfqXnxYSuXLQGrgF/wBhg09qql2hw68UDh4jgEA/K6SpSQ9vI+G4RlyM=

GET
H/1.1 200
OK slides-developer-mode-4.png
s3.amazonaws.com/static.slid.es/site/developers/ 27 KB
27 KB 696ms
135ms Image
image/png 52.216.229.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/static.slid.es/site/developers/slides-developer-mode-4.png
Requested by: Host: hiddenlayerpost.pages.dev
URL: https://hiddenlayerpost.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.229.181 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9be0f59aa89ce7e6e04dcd9ccaddfd4a8b9d88cce8be68f2cfcd4b9da7262699

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hiddenlayerpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 15:14:10 GMT
Last-Modified: Tue, 31 May 2016 10:32:08 GMT
Server: AmazonS3
x-amz-request-id: 2Y6QQ2JVWAAR70JZ
ETag: "21e9ac72283a6b52393f3720cc5ba227"
Content-Type: image/png
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 27251
x-amz-id-2: 00SD/IXMPEzsweJ0nmQYkpMlgZ1jC3nU/VUyHyMgwg/7YV/JqMw+PCd4eGmLgv39xDwI537q0cM=

GET
H/1.1 200
OK slides-developer-mode-5.png
s3.amazonaws.com/static.slid.es/site/developers/ 21 KB
21 KB 715ms
149ms Image
image/png 52.216.229.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/static.slid.es/site/developers/slides-developer-mode-5.png
Requested by: Host: hiddenlayerpost.pages.dev
URL: https://hiddenlayerpost.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.229.181 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 64a76197418ed2b987a1ff5248b18123b7efb70c1e664dbc5ecab7e1a9d68d10

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hiddenlayerpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 15:14:10 GMT
Last-Modified: Tue, 31 May 2016 10:32:08 GMT
Server: AmazonS3
x-amz-request-id: 2Y6N9TA7PRW26MTH
ETag: "56687ad06f049027d4fe069b2777b52a"
Content-Type: image/png
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 21313
x-amz-id-2: usur7oY2mzCjT1LOo2IIse8ekJ4gso8G35I1Fr1eAYflpZnGaFZqOczxIzKA/Gc9MPC9ZIpOojo=

GET
H/1.1 200
OK slides-developer-mode-6.png
s3.amazonaws.com/static.slid.es/site/developers/ 34 KB
34 KB 724ms
143ms Image
image/png 52.216.229.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/static.slid.es/site/developers/slides-developer-mode-6.png
Requested by: Host: hiddenlayerpost.pages.dev
URL: https://hiddenlayerpost.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.229.181 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e25d5b0d462b5637c1de2cef3421f3b88ae9bc3354bd13824ee39a7b1c4fb44f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hiddenlayerpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 15:14:10 GMT
Last-Modified: Tue, 31 May 2016 10:32:08 GMT
Server: AmazonS3
x-amz-request-id: 2Y6K8J8VWGQPP6P0
ETag: "0c779cf2fc27aee59bc599a594805a89"
Content-Type: image/png
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 34410
x-amz-id-2: qWchKqvDEyBzr/HLmd3p11Qs8SxrY7Rl6MIWOjYNw6PUCCVXLYSEU26/UIwRj+jjbFMe5M8I5Do=

GET
H/1.1 200
OK slides-css-editor-1.png
s3.amazonaws.com/static.slid.es/site/developers/ 190 KB
190 KB 185ms
185ms Image
image/png 52.216.229.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/static.slid.es/site/developers/slides-css-editor-1.png
Requested by: Host: hiddenlayerpost.pages.dev
URL: https://hiddenlayerpost.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.229.181 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c386c6afe73104d98350c6fce9bbe0b19180ef9afff084b705cc03b4591188a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hiddenlayerpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 15:14:10 GMT
Last-Modified: Thu, 29 Sep 2016 10:01:34 GMT
Server: AmazonS3
x-amz-request-id: 2Y6GRSZJBNKFA0EM
ETag: "bf404bc76dafb4ce50261b13f78899ac"
Content-Type: image/png
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 194553
x-amz-id-2: 41TtlT1pSW6C2IauNzQdwh6LJsY2gQx10WvLXPAo75GWQskk/0WyH6F5l/xlO6/EEMC5CGl3Ot0=

GET
H/1.1 200
OK slides-css-editor-2.png
s3.amazonaws.com/static.slid.es/site/developers/ 110 KB
111 KB 161ms
160ms Image
image/png 52.216.229.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/static.slid.es/site/developers/slides-css-editor-2.png
Requested by: Host: hiddenlayerpost.pages.dev
URL: https://hiddenlayerpost.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.229.181 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e483ff789595b85d02b67daec2d11366d5911c0cd53e400efb5f37c084d75f9b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hiddenlayerpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 15:14:11 GMT
Last-Modified: Thu, 29 Sep 2016 10:01:35 GMT
Server: AmazonS3
x-amz-request-id: 2YMV74BMDC67KJ2Y
ETag: "b93219a77953a2640a00df78825dcd09"
Content-Type: image/png
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 112848
x-amz-id-2: r2oxasT8yqcX1l1JLKG0h7pl7xD0X+/0H4YIa/UOtc1kewdAr0ha0hSPkT/FgIhe9aB5YANGN8E=

GET
H2 200 script.js Show response
hiddenlayerpost.pages.dev/ 3 KB
1 KB 397ms
393ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hiddenlayerpost.pages.dev/script.js

Requested by

Host: hiddenlayerpost.pages.dev
URL: https://hiddenlayerpost.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50bc983f2a4dcc5b79bf1940fbcb354246ec275194d55ed609a19d6cae92b499

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://hiddenlayerpost.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:14:09 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"39f496b7f9dcecb91fc80ddeae4057d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObveTXqtD9Uf7W9M1QeNJPs41DUs4dHwXEuctWwT4FQl2oSf3iRRGNWK8a4KuAdZIrWF7wzQa6bgU70jNoKlYcDGEaYv1pG1mQd6OjXPx0eMWbWVKCxd36iX4I02obbDszaVD1y6yw6F8LJL2W1isEnXVFPUyFGB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 75362577ee6f90c1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 68ms
22ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre|Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hiddenlayerpost.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:27:29 GMT
x-content-type-options: nosniff
age: 92800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 13:27:29 GMT

GET
H2 200 j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
fonts.gstatic.com/s/frankruhllibre/v12/ 20 KB
20 KB 73ms
27ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v12/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre|Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c6db249df1966e3ac79a1330df310a02acbe88c1ec9caa389fb1ee13c103102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hiddenlayerpost.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 21:02:28 GMT
x-content-type-options: nosniff
age: 151901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20072
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:16:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Sep 2023 21:02:28 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
hiddenlayerpost.pages.dev
s3.amazonaws.com
142.250.180.234
2a00:1450:4001:827::2003
2a06:98c1:3120::3
52.216.229.181
01c2d31beebee82081d79748071672526ddf18a9377e882f5378046b7248a1d1
264fb1f8f8d7b921c89ff82f4509d92aa9c99ac1dce872af0cb886b808e90904
50bc983f2a4dcc5b79bf1940fbcb354246ec275194d55ed609a19d6cae92b499
64a76197418ed2b987a1ff5248b18123b7efb70c1e664dbc5ecab7e1a9d68d10
8c6db249df1966e3ac79a1330df310a02acbe88c1ec9caa389fb1ee13c103102
9be0f59aa89ce7e6e04dcd9ccaddfd4a8b9d88cce8be68f2cfcd4b9da7262699
aa348e08b1bd315ba35da0ec2667d741026f41355986d687878831b72c7d520a
b6100e701a1ac194c0f196d8c2ca27fa204f6feb2f8d0ef45879c5dfcc4d026c
b7d1ca3ab5751ae4541c3e68ff8ab61820b0ae7ba4aa5adf5cbe23700dcf6ebb
c386c6afe73104d98350c6fce9bbe0b19180ef9afff084b705cc03b4591188a7
d6fa90dcb0c7df10d4bd047a6588ddbe7515875aa74480e6e3d86f7f107db17b
e25d5b0d462b5637c1de2cef3421f3b88ae9bc3354bd13824ee39a7b1c4fb44f
e483ff789595b85d02b67daec2d11366d5911c0cd53e400efb5f37c084d75f9b
e5f81b2418b09562c080a589618f40854ae5c3ac77a4ccb75c9efbcfa6362384
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

hiddenlayerpost.pages.dev Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

480 kBTransfer

494 kBSize

0 Cookies

6 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

hiddenlayerpost.pages.dev Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

480 kB
Transfer

494 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions