thehiddensun.com Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://thehiddensun.com/
Effective URL:
https://thehiddensun.com/
Submission: On April 04 via api (April 4th 2024, 12:28:11 am UTC) from US — Scanned from NL

Summary HTTP 63 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 12 domains to perform 63 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is thehiddensun.com.
TLS certificate: Issued by GTS CA 1P5 on March 19th 2024. Valid for: 3 months.

This is the only time thehiddensun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
8	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
4	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
10	34.246.4.82 34.246.4.82	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	192.0.77.38 192.0.77.38	2635 (AUTOMATTIC) (AUTOMATTIC)
1	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
63	17

19 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

thehiddensun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts-api.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.246.4.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-4-82.eu-west-1.compute.amazonaws.com

s.pubmine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.38 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.pubmine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	thehiddensun.com thehiddensun.com	460 KB
17	wp.com stats.wp.com — Cisco Umbrella Rank: 2852 i0.wp.com — Cisco Umbrella Rank: 3842 s0.wp.com — Cisco Umbrella Rank: 8636 pixel.wp.com — Cisco Umbrella Rank: 2813 fonts-api.wp.com — Cisco Umbrella Rank: 18062 fonts.wp.com — Cisco Umbrella Rank: 18805	624 KB
12	pubmine.com s.pubmine.com — Cisco Umbrella Rank: 16263 c0.pubmine.com — Cisco Umbrella Rank: 39302	195 KB
3	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 664	121 KB
2	gstatic.com fonts.gstatic.com	173 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 626	17 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115	188 KB
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3714	528 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	6 KB
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1583	4 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 96	337 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 2221	4 KB
63	12

	Domain	Requested by
19	thehiddensun.com	thehiddensun.com
10	s.pubmine.com	thehiddensun.com c0.pubmine.com
8	i0.wp.com	thehiddensun.com
3	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
3	pixel.wp.com	thehiddensun.com
2	fonts.gstatic.com	thehiddensun.com
2	c0.pubmine.com	thehiddensun.com c0.pubmine.com
2	fonts.wp.com	fonts-api.wp.com
2	ssl.google-analytics.com	1 redirects thehiddensun.com
2	pagead2.googlesyndication.com	thehiddensun.com pagead2.googlesyndication.com
2	stats.wp.com	thehiddensun.com
1	hb-api.omnitagjs.com	c0.pubmine.com
1	fonts.googleapis.com
1	a.teads.tv	c0.pubmine.com
1	stats.g.doubleclick.net	thehiddensun.com
1	fonts-api.wp.com	thehiddensun.com
1	s0.wp.com	thehiddensun.com
1	secure.gravatar.com	thehiddensun.com
63	18

This site contains links to these domains. Also see Links.

Domain
thehiddensuncom.wordpress.com
booking.thehiddensun.com
www.facebook.com
www.youtube.com
bit.ly
wordpress.com
wordpress.org

Subject Issuer	Validity	Valid
thehiddensun.com GTS CA 1P5	`2024-03-19` - `2024-06-17`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
s.pubmine.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-02` - `2024-10-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
c0.pubmine.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-04` - `2024-05-04`	a year	crt.sh
teads.tv R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://thehiddensun.com/
Frame ID: 5171EE5F5BDF274D144B3A53E045C076
Requests: 65 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Hidden Sun - Hidden No More

Page URL History Show full URLs

http://thehiddensun.com/ HTTP 307
https://thehiddensun.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

95 %
HTTPS

38 %
IPv6

12
Domains

18
Subdomains

17
IPs

6
Countries

1806 kB
Transfer

4443 kB
Size

12
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://thehiddensuncom.wordpress.com/
Title: HOME

Search URL Search Domain Scan URL

URL: https://booking.thehiddensun.com/
Title: BOOK AN APPOINTMENT

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheHiddenBing
Title: Facebook Page

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/PaulynneCheng
Title: YouTube Channel

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheHiddenBing/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://bit.ly/3iylVMv

Search URL Search Domain Scan URL

URL: https://bit.ly/3MMDY1e

Search URL Search Domain Scan URL

URL: https://wordpress.com/?ref=footer_custom_powered
Title: Powered by WordPress.com

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://thehiddensun.com/ HTTP 307
https://thehiddensun.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=898733423&utmhn=thehiddensun.com&utmcs=UTF-8&utmsr=800x600&utmvp=1600x1113&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=The%20Hidden%20Sun%20-%20Hidden%20No%20More&utmhid=1065932410&utmr=-&utmp=%2F&utmht=1712190486761&utmac=UA-172346176-1&utmcc=__utma%3D23759231.1924254625.1712190487.1712190487.1712190487.1%3B%2B__utmz%3D23759231.1712190487.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1035129596&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-172346176-1&cid=1924254625.1712190487&jid=1035129596&_v=5.7.2&z=898733423

63 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
thehiddensun.com/
Redirect Chain

http://thehiddensun.com/
https://thehiddensun.com/

216 KB
59 KB

90ms
34ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

851910108a58de181d3985b12f3c70bbe1b73cb401713763ef514a5e54f2770a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86ed2d2b68780b80-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 04 Apr 2024 00:28:06 GMT
host-header: WordPress.com
link: <https://thehiddensun.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/bIXNG>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=njQFWrf9%2FHHGoW77AAYG5g1ayctmAw4e30Huy5hxN%2FSlCPTT5Q86nXlAGEmhcSCXT4x47ZPfMALKkQDJoB74JWFs1ojkAiF7%2BVUEtq71u7VGaIQqGiCSO0qPcWAy5vJ4eTKJ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding accept, content-type, cookie
x-ac: 5.ams _atomic_ams STALE
x-hacker: Want root? Visit join.a8c.com and mention this header.

Redirect headers

Location: https://thehiddensun.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 /
thehiddensun.com/_static/ 978 KB
148 KB 218ms
217ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/_static/??-eJydVVGOGyEMvVBZmqrV9qfqz0o9QA9QMeBMvQGMMGg6t6/JJNskWhqUrxl7/B72s80sSVmKBWLRydcZI+tXKMnYgw7kqgfW5TcEUIXIs7YUkim6LAJYGf8UgPhkmT8s93kw7jFiAcU2k/dne+3h5yrmBHnWU0Xv9OTJHpTHKZu8ai6rh8egx4J6UG9WqkXNGd31GRitr07qeGUdwKEBLzSCvDSSwCErD7Ox61PAeBct3y7tS8xtapaOdbB2yGVLTp19avcQCqSDkZEiPwQ3EYMpAu+hk5lBHXsgqhh3kpS1cVKnshyk+FjV5u2RLEQydwGyBW2YoUhWfOVWW9ceJxgdpDb/FCWC/z+Ab6q99f0FEkQH0aIYP+hFxFj1z02NjdubAtyt4XabrMlUGbzmBZOIO9Xo+vl00acP6uwYJSjowanZeA9to/rWKKHHA3REPe4rX186ek+tCdK8jAsYCclKqFmF5hevKZstDZDpJhHX3Evll8TqGSJkbJj3X4eSGy+jzeE2KsPh2w4uSWZxVFyuk1y6mNqq3lijFAu6uS0Ok0Xj1SbLpTFMRNkZx/9K6QH3RKV1tRZ5nC+Ok9NmuTPL8Jm3v573tL3H1fI9vbfQ7+Hb7nm3+/Lp8/PXj38BXrLSQQ==

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68affeab03f7da878c0f8578a85c20daa72bc981a5e6441e2c7dbe9b6d2d18f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-hacker: Want root? Visit join.a8c.com and mention this header.
date: Thu, 04 Apr 2024 00:28:06 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams MISS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Mar 2024 07:33:00 GMT
server: cloudflare
x-page-optimize: uncached
etag: W/"6c36140e9e01d7b344a7493e62eb7c27"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LbNNiFIdRfk97LOfVB9qMatJrhzDNbwkvfOgNtdwpLffP3ZGDBgQcdLljX5Hn4CF%2FYPs3T5AibIvexrR5XeCId7qVhV4JsTs8QC48jmxpW6i1kI%2FD8xRDAwwuCz1ZC%2Fe2QdH"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
cf-ray: 86ed2d2b98850b80-AMS

GET
H3 200 dashicons.min.css
thehiddensun.com/wp-includes/css/ 58 KB
35 KB 30ms
29ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/wp-includes/css/dashicons.min.css?ver=6.5

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams MISS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 96287
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: cloudflare
etag: W/"603ffca6-e688"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LrEvNE9rogcwjj8iCvKwpgR%2BvH185iXzKSlJvfkKCdiBHYmzo8E8zT%2BUUQ%2Brx%2BZ%2F2a%2B5YZzVb7XpaRTP0fAzBnQvvDUIrACzJjAT5icv7izV5EmyEw4mXP%2FEwIeB%2B%2FmfX1km"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 86ed2d2b98860b80-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 masterbar.css
thehiddensun.com/wp-content/mu-plugins/wpcomsh/vendor/automattic/wc-calypso-bridge/store-on-wpcom/assets/css/ 696 B
1 KB 46ms
45ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/wp-content/mu-plugins/wpcomsh/vendor/automattic/wc-calypso-bridge/store-on-wpcom/assets/css/masterbar.css?ver=2.3.11

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46d0962eeebc354d3d1c7b4f4fa1fdfa6d9357e4aaa8fee9a69aee739dbe0445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
strict-transport-security: max-age=31536000
x-ac: 3.ams _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1332993
cf-polished: origSize=728
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 08:08:13 GMT
server: cloudflare
etag: W/"65f947ed-2d8"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MgePTi6Z42eBOeyYX5pPC2khzV62Y8CNUq6raaJk4I3SHF%2FCpKhkTYGOmdmCY3RGHoDXTD09doQirVuYB%2BW6kEAcVSsudADhHOpQyAtUCI44VxkwJrmJdtNxlLF4t%2BXlqv4l"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 86ed2d2b98880b80-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 / Show response
thehiddensun.com/_static/ 56 KB
20 KB 199ms
198ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/_static/??-eJyNzUEOwiAQheELSQeN2pXxLLaMOHUYyABFby8LF92YuHzJ9+e1ZEhmrg4zLBkc5QIriosKLZkU+X0n5m5QyxBIhiXv2u9G0WOntxLVaJVCAf+oNk8bPUcpKAUSV0+Swdc+J1QPUyV28IjxmYHE4etbXcNlP9rzeDycrP0Ao3lRWw==

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43f41028ac1f1ca205e52d016190695414b442311c0bc4f747e38ad2796bf5d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-hacker: Want root? Visit join.a8c.com and mention this header.
date: Thu, 04 Apr 2024 00:28:06 GMT
strict-transport-security: max-age=31536000
x-ac: 3.ams _atomic_ams MISS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 31 Jan 2024 23:08:20 GMT
server: cloudflare
x-page-optimize: uncached
etag: W/"adda73a4a98da04aeda8ee8d18694583"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y7VF%2F0O0k1266oMU1aFjmMFTwkIO%2BGedKNXsg%2FS8XqxVj46ACKSdiRpZZ%2B701f2V%2BTgqcW9liGfMYwmyRsg4BcSlLXSEuLp06leWcvSia4%2FktKSBqvz%2ByIqrphtPcAGwrGSx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 86ed2d2b98890b80-AMS

GET
H2 200 w.js Show response
stats.wp.com/ 12 KB
5 KB 51ms
16ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/w.js?ver=202414
Requested by: Host: thehiddensun.com
URL: https://thehiddensun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 79674b01741c3978417b6b9b4b98d125755e7bb468979d5cd593eac4b94cdb91

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-minify-cache: hit
x-nc: HIT ams
date: Thu, 04 Apr 2024 00:28:06 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/12827-1705538370375.7896
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 31 Mar 2025 16:43:19 GMT

GET
H3 200 jquery.min.js Show response
thehiddensun.com/wp-includes/js/jquery/ 86 KB
31 KB 46ms
46ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
strict-transport-security: max-age=31536000
x-ac: 3.ams _atomic_ams HIT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2744
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: cloudflare
etag: W/"64ecd5ef-15601"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2txtLlAoJXCLb5wYkXjhifUlT%2BWIKc%2BAS6L9Yt%2FZ%2BJb2xpfAeiZLTs6awfwJoZdggjaVKR0MLb9pRdjar9%2Bvn9%2Bw5xkidq2yi%2FMztDFNZAOzekpvKlS0smpkzrlMZScQD32b"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 86ed2d2b988a0b80-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 / Show response
thehiddensun.com/_static/ 42 KB
15 KB 200ms
200ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/_static/??-eJydUcsOgjAQ/CFL8a0H49kP8Gxqu8JCH9hug/69BTlwMCSYbLIz2clkMts2DK3UUUHgVZpnBP8eFjNYeEGQGbRZFRZtw6SzBJZ4o2OBNvDWOemMAS+BixCARi7srp2sIw406+n1Mtvt4XuZ4kIpRo5J4Wl+pJCErkZIKPui/4OMzhMmFVAjZM1vqWB+j6gVJ9SgWCG07lqeYD9sqQSTnkRtIu+ALwKwXaqSjN4m7dmclvv8mG9W68PuAwtVsuU=

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

547cbe010fc92b41dd047b34c58a5d3c21606e211ed26df1bd01d113f837606c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-hacker: Want root? Visit join.a8c.com and mention this header.
date: Thu, 04 Apr 2024 00:28:06 GMT
strict-transport-security: max-age=31536000
x-ac: 3.ams _atomic_ams MISS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Feb 2024 13:59:46 GMT
server: cloudflare
x-page-optimize: uncached
etag: W/"bf5421fffb539dec42c16fa3db270d4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dumgV9orLR2oifzLS0lZU4Y4JvwW4k8uOZo8YTdNnUalxnibRyOwfXVma4li67K10TTdT5616udKa36%2FvKUrytTyJdxlFj6WsNKdC0e2O%2BW8V61gnBnFdLJdRbMlr9756l4O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 86ed2d2b988b0b80-AMS

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 179ms
71ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9236545585522204&host=ca-host-pub-2644536267352236

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

cc71e46242c01724ac94a2e4bba07caa933e4c5c463e07d8d9b3bd9b4064baa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
Origin: https://thehiddensun.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51714
x-xss-protection: 0
server: cafe
etag: 9857604458216443982
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 04 Apr 2024 00:28:06 GMT

GET
H3 200 webfont.js Show response
thehiddensun.com/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/ 12 KB
5 KB 24ms
24ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c41211d42b7dadb793e39e8ad877e5f76645c7ea200e25625ebbddc050df0c4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams MISS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 301797
cf-polished: origSize=12493
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 01 May 2023 19:43:42 GMT
server: cloudflare
etag: W/"6450166e-30cd"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cHlbOhlDbkgEI1gWICEMrmu7e%2FkbbJE5y9%2F8u3xefveBTNWCX4J%2FQ9BnadYoflPrexHGr1qjPY%2BlQIusA3bFDmeWcll0qlxAobGhWEet2Zhbgt9xZOl%2B5cGWVzKR%2F1oqLMeV"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
cf-ray: 86ed2d2d58e70b80-AMS
expires: Sun, 07 Apr 2024 12:38:09 GMT

GET
H3 200 woocommerce-smallscreen.css
thehiddensun.com/wp-content/plugins/woocommerce/assets/css/ 7 KB
2 KB 24ms
24ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?m=1693345524

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

401373c6cddfc333e45314482184906a357ae96d1fccd5ef6c40d8b7656e7349

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
strict-transport-security: max-age=31536000
x-ac: 3.ams _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 998691
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 29 Aug 2023 21:45:24 GMT
server: cloudflare
etag: W/"64ee66f4-1b83"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bU2sqDjmVAsJv35MiLtgsUOu6bT42KGjYGZYp%2Bu1%2BjCcvq5a7dOX612sQ2ee2wPGkr5jBTPRSNq0oLvZQwTvxd%2FchiB8b%2BFhT0x0YhN%2FUWECuMhbJ2Yu55h8SNK29Yl%2BrbeA"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 86ed2d2d98fe0b80-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
BLOB 200
OK caa76adf-9628-45a8-a36c-d33b8c18b7ba
https://thehiddensun.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://thehiddensun.com/caa76adf-9628-45a8-a36c-d33b8c18b7ba
Requested by: Host: thehiddensun.com
URL: https://thehiddensun.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 HS-LOGO_small.png
i0.wp.com/thehiddensun.com/wp-content/uploads/2020/07/ 18 KB
18 KB 97ms
40ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/thehiddensun.com/wp-content/uploads/2020/07/HS-LOGO_small.png?resize=381%2C350&ssl=1

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

bc7573b8febff470ad313a5db27064ff62c8622e7a9e2b3e446703e6f4605bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 17940
x-nc: HIT ams 4
last-modified: Sun, 18 Feb 2024 17:04:45 GMT
server: nginx
etag: "67b7a2689162007a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thehiddensun.com/wp-content/uploads/2020/07/HS-LOGO_small.png>; rel="canonical"
expires: Wed, 18 Feb 2026 05:04:45 GMT

GET
H2 200 Apr_Ding.jpg
i0.wp.com/thehiddensun.com/wp-content/uploads/2024/03/ 31 KB
31 KB 74ms
17ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/thehiddensun.com/wp-content/uploads/2024/03/Apr_Ding.jpg?resize=1024%2C576&ssl=1

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

e936024be24d2b11c59d12f7d7f14b566dc8e7a362b00b763908640160bd3f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 31718
x-nc: HIT ams 7
last-modified: Wed, 03 Apr 2024 07:21:59 GMT
server: nginx
etag: "23acc930c5c91550"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thehiddensun.com/wp-content/uploads/2024/03/Apr_Ding.jpg>; rel="canonical"
expires: Fri, 03 Apr 2026 19:21:59 GMT

GET
H2 200 936d43a891f60bb93e70d71c6d4d5012
secure.gravatar.com/avatar/ 3 KB
4 KB 71ms
18ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/936d43a891f60bb93e70d71c6d4d5012?s=49&d=identicon&r=g
Requested by: Host: thehiddensun.com
URL: https://thehiddensun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a9a4f89d742c5ad6b48df44b36be55965edd38cb6e9a465bf86b9d35731af6f7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nc: HIT ams 3
date: Thu, 04 Apr 2024 00:28:06 GMT
last-modified: Sat, 01 Aug 2020 09:59:31 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="936d43a891f60bb93e70d71c6d4d5012.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/936d43a891f60bb93e70d71c6d4d5012?s=49&d=identicon&r=g>; rel="canonical"
content-length: 3551
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Apr 2024 00:33:06 GMT

GET
H3 200 email-decode.min.js Show response
thehiddensun.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 33ms
33ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fd6d96-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZWOjWYrLPP3QuLaIuYsqf6%2FnsYD3pkaaQgKykEWewxIXkhLMu8%2BpKWFh8a%2Bet3OSVTzgg94u8E3yGj0zqLuvkXYPngIwcYsuCGJ1Cv5QvAEv%2FV3DD08ounabmzxbdCedW8Cx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 86ed2d2bb88c0b80-AMS
expires: Sat, 06 Apr 2024 00:28:06 GMT

GET
H2 200 bilmur.min.js Show response
s0.wp.com/wp-content/js/ 6 KB
3 KB 60ms
16ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/bilmur.min.js?m=202414
Requested by: Host: thehiddensun.com
URL: https://thehiddensun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 216728e33a7de4be9b784eff527c6ccf1658319ea78fe66a7864c0b923200252

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nc: HIT ams 2
date: Thu, 04 Apr 2024 00:28:06 GMT
content-encoding: br
x-ac: 4.ams _dfw MISS
last-modified: Wed, 15 Nov 2023 17:05:24 GMT
server: nginx
etag: W/"6554fa54-161b"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
expires: Tue, 01 Apr 2025 00:00:01 GMT

GET
H3 200 / Show response
thehiddensun.com/_static/ 87 KB
26 KB 196ms
195ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/_static/??-eJyVUdFuwjAM/KGFDGlSx8O0T0Gp6zLTxK5ih8K+fikMtkmwsafonLvL5TyNDoQN2fwYy4ZY/RZtDDD4NTH4tlDsPHFPTIZOIUuMZ3xYJOLFVh+m2y6f53qH3En2oZikYEZwvnGUwgYddOw7UvMXeMMYpI0Cg57Y26+BC1y1RnK38pRJvREfnE40Yv73o7P2JHVzJRQivd+0mURAUsIM6IMqms5eKqUO2qKG+Qf4pd7rTn0+0jovuauBas+Z2nKs5O9Nfds3hCxFMV52dB5csbE3TFg7nCo4KO0NkY+/Gmh0kXhwvUBR19P+TmVfGObMWvmv6WXZPD6vmmWzevoAA3cHjw==

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64eb181f8b0b6d879105971f9da811d3fe6d988fb97cd98fd901ca56e2b93209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-hacker: Want root? Visit join.a8c.com and mention this header.
date: Thu, 04 Apr 2024 00:28:06 GMT
strict-transport-security: max-age=31536000
x-ac: 3.ams _atomic_ams MISS
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
host-header: WordPress.com
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 26 Feb 2024 18:23:14 GMT
server: cloudflare
x-page-optimize: uncached
etag: W/"8bec5983bd222ae7fa613a57dc68d9d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bQUJ8RiqfRpD7P47HsPq5Q1P%2BYqafccDHJX%2FIrsk6JJa5uJLHNcUllEfhuWV%2Bh0nGX8woh8teNrptfkOX5tt89ObwsyuHWIJ26Wn1vyYr6VzXvDtmkMJt9n5Q70ZhmgBuD9M"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 86ed2d2be8950b80-AMS

GET
H2 200 e-202414.js Show response
stats.wp.com/ 7 KB
3 KB 17ms
16ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202414.js
Requested by: Host: thehiddensun.com
URL: https://thehiddensun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-minify-cache: hit
x-nc: HIT ams
date: Thu, 04 Apr 2024 00:28:06 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14377-1704402356443.5398
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Mar 2025 18:55:42 GMT

GET
H3 200 coblocks-post-carousel-script.js Show response
thehiddensun.com/wp-content/plugins/coblocks/dist/js/ 13 KB
5 KB 26ms
26ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/wp-content/plugins/coblocks/dist/js/coblocks-post-carousel-script.js?m=1699304468

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4335edaa33e2913d84992680edc72cb3c0b35fa1c19101ca20f400c1dffc0316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
strict-transport-security: max-age=31536000
x-ac: 3.ams _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1783824
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 06 Nov 2023 21:01:08 GMT
server: cloudflare
etag: W/"65495414-32e7"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J0mrXLF20gibrPycqCow2kk%2Bc6L5CxaR2c4mr2RiRe2JidSTKhwN9G34yf7lymQsoT9D5KnOHFnAn7Vv7c4tpPkTgZ4vUKM0U1sbWE789Sg4XlrZSoh1jgRSmvqQttISHBT3"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 86ed2d2c68b20b80-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 23ms
16ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.493382107216092
Requested by: Host: thehiddensun.com
URL: https://thehiddensun.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 04 Apr 2024 00:28:06 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H/1.1 200
OK conf Show response
s.pubmine.com/ 2 KB
1 KB 458ms
35ms Script
text/javascript 34.246.4.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/conf?pp.pt=0&pp.ht=1&pp.tn=twentysixteen&pp.uloggedin=0&pp.amp=false&pp.siteid=173256004&pp.consent=0&pp.ad.label.text=Advertisements&pp.ad.reportAd.text=Report%20this%20ad&pp.ad.privacySettings.text=Privacy&rid=6852116971087&ref=https%3A%2F%2Fthehiddensun.com%2F&vp=1600x1113&cb=callback__luki0are_1
Requested by: Host: thehiddensun.com
URL: https://thehiddensun.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.4.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-4-82.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 86c69ae0edf53fddfbbc9d01fa3bb85151a182e564aa02c3a6e439530cf09371

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Apr 2024 00:28:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 90ms
25ms Script
text/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 04 Apr 2024 00:11:51 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 975
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Thu, 04 Apr 2024 02:11:51 GMT

GET
H3 200 montserrat-latin-700-normal.woff2
thehiddensun.com/wp-content/themes/twentysixteen/fonts/montserrat/ 13 KB
13 KB 211ms
211ms Font
application/font-woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/wp-content/themes/twentysixteen/fonts/montserrat/montserrat-latin-700-normal.woff2?ver=25

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/_static/??-eJydVVGOGyEMvVBZmqrV9qfqz0o9QA9QMeBMvQGMMGg6t6/JJNskWhqUrxl7/B72s80sSVmKBWLRydcZI+tXKMnYgw7kqgfW5TcEUIXIs7YUkim6LAJYGf8UgPhkmT8s93kw7jFiAcU2k/dne+3h5yrmBHnWU0Xv9OTJHpTHKZu8ai6rh8egx4J6UG9WqkXNGd31GRitr07qeGUdwKEBLzSCvDSSwCErD7Ox61PAeBct3y7tS8xtapaOdbB2yGVLTp19avcQCqSDkZEiPwQ3EYMpAu+hk5lBHXsgqhh3kpS1cVKnshyk+FjV5u2RLEQydwGyBW2YoUhWfOVWW9ceJxgdpDb/FCWC/z+Ab6q99f0FEkQH0aIYP+hFxFj1z02NjdubAtyt4XabrMlUGbzmBZOIO9Xo+vl00acP6uwYJSjowanZeA9to/rWKKHHA3REPe4rX186ek+tCdK8jAsYCclKqFmF5hevKZstDZDpJhHX3Evll8TqGSJkbJj3X4eSGy+jzeE2KsPh2w4uSWZxVFyuk1y6mNqq3lijFAu6uS0Ok0Xj1SbLpTFMRNkZx/9K6QH3RKV1tRZ5nC+Ok9NmuTPL8Jm3v573tL3H1fI9vbfQ7+Hb7nm3+/Lp8/PXj38BXrLSQQ==

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/_static/??-eJydVVGOGyEMvVBZmqrV9qfqz0o9QA9QMeBMvQGMMGg6t6/JJNskWhqUrxl7/B72s80sSVmKBWLRydcZI+tXKMnYgw7kqgfW5TcEUIXIs7YUkim6LAJYGf8UgPhkmT8s93kw7jFiAcU2k/dne+3h5yrmBHnWU0Xv9OTJHpTHKZu8ai6rh8egx4J6UG9WqkXNGd31GRitr07qeGUdwKEBLzSCvDSSwCErD7Ox61PAeBct3y7tS8xtapaOdbB2yGVLTp19avcQCqSDkZEiPwQ3EYMpAu+hk5lBHXsgqhh3kpS1cVKnshyk+FjV5u2RLEQydwGyBW2YoUhWfOVWW9ceJxgdpDb/FCWC/z+Ab6q99f0FEkQH0aIYP+hFxFj1z02NjdubAtyt4XabrMlUGbzmBZOIO9Xo+vl00acP6uwYJSjowanZeA9to/rWKKHHA3REPe4rX186ek+tCdK8jAsYCclKqFmF5hevKZstDZDpJhHX3Evll8TqGSJkbJj3X4eSGy+jzeE2KsPh2w4uSWZxVFyuk1y6mNqq3lijFAu6uS0Ok0Xj1SbLpTFMRNkZx/9K6QH3RKV1tRZ5nC+Ok9NmuTPL8Jm3v573tL3H1fI9vbfQ7+Hb7nm3+/Lp8/PXj38BXrLSQQ==
Origin: https://thehiddensun.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
strict-transport-security: max-age=31536000
x-ac: 3.ams _atomic_ams MISS
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 12848
last-modified: Fri, 05 May 2023 20:02:42 GMT
server: cloudflare
etag: "645560e2-3230"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HtHN0TuJEn%2BcYTXfeocbuucWXaqrQU6pgKDJEk%2B1n%2FAiFzBm8jk8Ggg23JCpx1aeQ6U1UV6qU38Xx0TB3mx8Z4xmtu2uwp3uMp4wcY6LZXQiCY1R2ASQ0NlWoahi9ok3DjzX"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86ed2d2da90a0b80-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 merriweather-latin-400-normal.woff2
thehiddensun.com/wp-content/themes/twentysixteen/fonts/merriweather/ 20 KB
20 KB 25ms
24ms Font
application/font-woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/wp-content/themes/twentysixteen/fonts/merriweather/merriweather-latin-400-normal.woff2?ver=30

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/_static/??-eJydVVGOGyEMvVBZmqrV9qfqz0o9QA9QMeBMvQGMMGg6t6/JJNskWhqUrxl7/B72s80sSVmKBWLRydcZI+tXKMnYgw7kqgfW5TcEUIXIs7YUkim6LAJYGf8UgPhkmT8s93kw7jFiAcU2k/dne+3h5yrmBHnWU0Xv9OTJHpTHKZu8ai6rh8egx4J6UG9WqkXNGd31GRitr07qeGUdwKEBLzSCvDSSwCErD7Ox61PAeBct3y7tS8xtapaOdbB2yGVLTp19avcQCqSDkZEiPwQ3EYMpAu+hk5lBHXsgqhh3kpS1cVKnshyk+FjV5u2RLEQydwGyBW2YoUhWfOVWW9ceJxgdpDb/FCWC/z+Ab6q99f0FEkQH0aIYP+hFxFj1z02NjdubAtyt4XabrMlUGbzmBZOIO9Xo+vl00acP6uwYJSjowanZeA9to/rWKKHHA3REPe4rX186ek+tCdK8jAsYCclKqFmF5hevKZstDZDpJhHX3Evll8TqGSJkbJj3X4eSGy+jzeE2KsPh2w4uSWZxVFyuk1y6mNqq3lijFAu6uS0Ok0Xj1SbLpTFMRNkZx/9K6QH3RKV1tRZ5nC+Ok9NmuTPL8Jm3v573tL3H1fI9vbfQ7+Hb7nm3+/Lp8/PXj38BXrLSQQ==
Origin: https://thehiddensun.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1785159
alt-svc: h3=":443"; ma=86400
content-length: 20028
last-modified: Fri, 05 May 2023 20:02:42 GMT
server: cloudflare
etag: "645560e2-4e3c"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xHbZtLW5f80uvpXPIOtrlUgPtURgGNJMUnxSIyiu7oSd6ieikvp4E4Q8VfNP1rLSSX%2F6Bjcbtaga3RkaitKtFbtBT1DmSv5ttU6j%2BG4cdSjuCGo5dYETHLOTN9tkNCPBjZPW"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86ed2d2da90b0b80-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 montserrat-latin-400-normal.woff2
thehiddensun.com/wp-content/themes/twentysixteen/fonts/montserrat/ 12 KB
13 KB 23ms
23ms Font
application/font-woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/wp-content/themes/twentysixteen/fonts/montserrat/montserrat-latin-400-normal.woff2?ver=25

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/_static/??-eJydVVGOGyEMvVBZmqrV9qfqz0o9QA9QMeBMvQGMMGg6t6/JJNskWhqUrxl7/B72s80sSVmKBWLRydcZI+tXKMnYgw7kqgfW5TcEUIXIs7YUkim6LAJYGf8UgPhkmT8s93kw7jFiAcU2k/dne+3h5yrmBHnWU0Xv9OTJHpTHKZu8ai6rh8egx4J6UG9WqkXNGd31GRitr07qeGUdwKEBLzSCvDSSwCErD7Ox61PAeBct3y7tS8xtapaOdbB2yGVLTp19avcQCqSDkZEiPwQ3EYMpAu+hk5lBHXsgqhh3kpS1cVKnshyk+FjV5u2RLEQydwGyBW2YoUhWfOVWW9ceJxgdpDb/FCWC/z+Ab6q99f0FEkQH0aIYP+hFxFj1z02NjdubAtyt4XabrMlUGbzmBZOIO9Xo+vl00acP6uwYJSjowanZeA9to/rWKKHHA3REPe4rX186ek+tCdK8jAsYCclKqFmF5hevKZstDZDpJhHX3Evll8TqGSJkbJj3X4eSGy+jzeE2KsPh2w4uSWZxVFyuk1y6mNqq3lijFAu6uS0Ok0Xj1SbLpTFMRNkZx/9K6QH3RKV1tRZ5nC+Ok9NmuTPL8Jm3v573tL3H1fI9vbfQ7+Hb7nm3+/Lp8/PXj38BXrLSQQ==
Origin: https://thehiddensun.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1785373
alt-svc: h3=":443"; ma=86400
content-length: 12708
last-modified: Fri, 05 May 2023 20:02:42 GMT
server: cloudflare
etag: "645560e2-31a4"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wbxd6fFCK%2B%2Bh%2F6gV0wxefPCoE78zgC7X99FH0htpSkmPqaV0hfNI59Q2LIuM0PQ4d9aRTPOHPam5pmk7cytwwJEtqgn%2BiR2zRMC8f2elApHgo8fB%2F3mDiHZp2SZqCjvunxg0"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86ed2d2da90c0b80-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 merriweather-latin-700-normal.woff2
thehiddensun.com/wp-content/themes/twentysixteen/fonts/merriweather/ 19 KB
20 KB 26ms
26ms Font
application/font-woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/wp-content/themes/twentysixteen/fonts/merriweather/merriweather-latin-700-normal.woff2?ver=30

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/_static/??-eJydVVGOGyEMvVBZmqrV9qfqz0o9QA9QMeBMvQGMMGg6t6/JJNskWhqUrxl7/B72s80sSVmKBWLRydcZI+tXKMnYgw7kqgfW5TcEUIXIs7YUkim6LAJYGf8UgPhkmT8s93kw7jFiAcU2k/dne+3h5yrmBHnWU0Xv9OTJHpTHKZu8ai6rh8egx4J6UG9WqkXNGd31GRitr07qeGUdwKEBLzSCvDSSwCErD7Ox61PAeBct3y7tS8xtapaOdbB2yGVLTp19avcQCqSDkZEiPwQ3EYMpAu+hk5lBHXsgqhh3kpS1cVKnshyk+FjV5u2RLEQydwGyBW2YoUhWfOVWW9ceJxgdpDb/FCWC/z+Ab6q99f0FEkQH0aIYP+hFxFj1z02NjdubAtyt4XabrMlUGbzmBZOIO9Xo+vl00acP6uwYJSjowanZeA9to/rWKKHHA3REPe4rX186ek+tCdK8jAsYCclKqFmF5hevKZstDZDpJhHX3Evll8TqGSJkbJj3X4eSGy+jzeE2KsPh2w4uSWZxVFyuk1y6mNqq3lijFAu6uS0Ok0Xj1SbLpTFMRNkZx/9K6QH3RKV1tRZ5nC+Ok9NmuTPL8Jm3v573tL3H1fI9vbfQ7+Hb7nm3+/Lp8/PXj38BXrLSQQ==
Origin: https://thehiddensun.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
strict-transport-security: max-age=31536000
x-ac: 3.ams _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1785159
alt-svc: h3=":443"; ma=86400
content-length: 19740
last-modified: Fri, 05 May 2023 20:02:42 GMT
server: cloudflare
etag: "645560e2-4d1c"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0k6FrghbuT%2BU9%2ForlIGID0VO6D2sqjg9f2uzMi9gA%2Fww7I%2BNA4pihxbiiTGnYBvacG%2FLkJ36o5p9o6x6f8OnOy9vwQN8m2nyb8eOr4l7OYH%2FxuBDbAbg6NtqWXyTP2ec1PZZ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86ed2d2da90d0b80-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 merriweather-latin-900-normal.woff2
thehiddensun.com/wp-content/themes/twentysixteen/fonts/merriweather/ 19 KB
20 KB 28ms
27ms Font
application/font-woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/wp-content/themes/twentysixteen/fonts/merriweather/merriweather-latin-900-normal.woff2?ver=30

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/_static/??-eJydVVGOGyEMvVBZmqrV9qfqz0o9QA9QMeBMvQGMMGg6t6/JJNskWhqUrxl7/B72s80sSVmKBWLRydcZI+tXKMnYgw7kqgfW5TcEUIXIs7YUkim6LAJYGf8UgPhkmT8s93kw7jFiAcU2k/dne+3h5yrmBHnWU0Xv9OTJHpTHKZu8ai6rh8egx4J6UG9WqkXNGd31GRitr07qeGUdwKEBLzSCvDSSwCErD7Ox61PAeBct3y7tS8xtapaOdbB2yGVLTp19avcQCqSDkZEiPwQ3EYMpAu+hk5lBHXsgqhh3kpS1cVKnshyk+FjV5u2RLEQydwGyBW2YoUhWfOVWW9ceJxgdpDb/FCWC/z+Ab6q99f0FEkQH0aIYP+hFxFj1z02NjdubAtyt4XabrMlUGbzmBZOIO9Xo+vl00acP6uwYJSjowanZeA9to/rWKKHHA3REPe4rX186ek+tCdK8jAsYCclKqFmF5hevKZstDZDpJhHX3Evll8TqGSJkbJj3X4eSGy+jzeE2KsPh2w4uSWZxVFyuk1y6mNqq3lijFAu6uS0Ok0Xj1SbLpTFMRNkZx/9K6QH3RKV1tRZ5nC+Ok9NmuTPL8Jm3v573tL3H1fI9vbfQ7+Hb7nm3+/Lp8/PXj38BXrLSQQ==
Origin: https://thehiddensun.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
strict-transport-security: max-age=31536000
x-ac: 3.ams _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1785159
alt-svc: h3=":443"; ma=86400
content-length: 19816
last-modified: Fri, 05 May 2023 20:02:42 GMT
server: cloudflare
etag: "645560e2-4d68"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KcDtTHsBW7z7%2FtbhkKUgt9v2PgNhEcQhwQ%2FUsevWX08d%2F0EqTK%2FOqB49J3c99IZPuQlxj9j8fm7GWZAQJb%2FmV8oGqqt8qrPE%2B4o1Bg02xBdkfuwZmXWRjXwJVZAtMDT7je7a"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86ed2d2da90e0b80-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7

Request headers

Referer
Origin: https://thehiddensun.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 Apr_Ding.jpg
i0.wp.com/thehiddensun.com/wp-content/uploads/2024/03/ 86 KB
87 KB 18ms
17ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/thehiddensun.com/wp-content/uploads/2024/03/Apr_Ding.jpg?fit=1920%2C1080&ssl=1

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

63abef81c1bf8c3926d7345a7ce5a3400137f2aa94e0bf90ede28ac86bde1fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 88168
x-nc: HIT ams 7
last-modified: Wed, 03 Apr 2024 06:56:53 GMT
server: nginx
etag: "b49b29b964d01e1b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thehiddensun.com/wp-content/uploads/2024/03/Apr_Ding.jpg>; rel="canonical"
expires: Fri, 03 Apr 2026 18:56:53 GMT

GET
H2 200 Apr_Bing.jpg
i0.wp.com/thehiddensun.com/wp-content/uploads/2024/03/ 101 KB
102 KB 18ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/thehiddensun.com/wp-content/uploads/2024/03/Apr_Bing.jpg?fit=1920%2C1080&ssl=1

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

69653a2ef64c34d5d565a026d581f5d62d7889cb193b493cddc7475fa310e4a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 103896
x-nc: HIT ams 1
last-modified: Tue, 02 Apr 2024 21:21:51 GMT
server: nginx
etag: "e7789296be135de3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thehiddensun.com/wp-content/uploads/2024/03/Apr_Bing.jpg>; rel="canonical"
expires: Fri, 03 Apr 2026 09:21:51 GMT

GET
H2 200 Apr_Yi.jpg
i0.wp.com/thehiddensun.com/wp-content/uploads/2024/03/ 122 KB
122 KB 29ms
29ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/thehiddensun.com/wp-content/uploads/2024/03/Apr_Yi.jpg?fit=1920%2C1080&ssl=1

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

1e4a3bef2388ec3569b7776d093742dff8d5c26c6a90c094a09cf5e63792faee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 124774
x-nc: HIT ams 7
last-modified: Mon, 01 Apr 2024 08:33:19 GMT
server: nginx
etag: "7453b9dd25dfb38c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thehiddensun.com/wp-content/uploads/2024/03/Apr_Yi.jpg>; rel="canonical"
expires: Wed, 01 Apr 2026 20:33:19 GMT

GET
H2 200 Apr_Jia.jpg
i0.wp.com/thehiddensun.com/wp-content/uploads/2024/03/ 121 KB
121 KB 18ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/thehiddensun.com/wp-content/uploads/2024/03/Apr_Jia.jpg?fit=1920%2C1080&ssl=1

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

bf4bb7f0d8e5db39be86beb83043fa6148221e3530a5e6eb19db0913fc280eda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 123758
x-nc: HIT ams 3
last-modified: Sat, 30 Mar 2024 23:03:47 GMT
server: nginx
etag: "07cdeef9dc68d7c7"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thehiddensun.com/wp-content/uploads/2024/03/Apr_Jia.jpg>; rel="canonical"
expires: Tue, 31 Mar 2026 11:03:47 GMT

GET
DATA 200
OK truncated
/ 275 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ee90013d936e15d85918bf7e617568768cd48d7ed729d89afba4e21f624968e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 merriweather-latin-400-italic.woff2
thehiddensun.com/wp-content/themes/twentysixteen/fonts/merriweather/ 19 KB
20 KB 27ms
27ms Font
application/font-woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/wp-content/themes/twentysixteen/fonts/merriweather/merriweather-latin-400-italic.woff2?ver=30

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/_static/??-eJydVVGOGyEMvVBZmqrV9qfqz0o9QA9QMeBMvQGMMGg6t6/JJNskWhqUrxl7/B72s80sSVmKBWLRydcZI+tXKMnYgw7kqgfW5TcEUIXIs7YUkim6LAJYGf8UgPhkmT8s93kw7jFiAcU2k/dne+3h5yrmBHnWU0Xv9OTJHpTHKZu8ai6rh8egx4J6UG9WqkXNGd31GRitr07qeGUdwKEBLzSCvDSSwCErD7Ox61PAeBct3y7tS8xtapaOdbB2yGVLTp19avcQCqSDkZEiPwQ3EYMpAu+hk5lBHXsgqhh3kpS1cVKnshyk+FjV5u2RLEQydwGyBW2YoUhWfOVWW9ceJxgdpDb/FCWC/z+Ab6q99f0FEkQH0aIYP+hFxFj1z02NjdubAtyt4XabrMlUGbzmBZOIO9Xo+vl00acP6uwYJSjowanZeA9to/rWKKHHA3REPe4rX186ek+tCdK8jAsYCclKqFmF5hevKZstDZDpJhHX3Evll8TqGSJkbJj3X4eSGy+jzeE2KsPh2w4uSWZxVFyuk1y6mNqq3lijFAu6uS0Ok0Xj1SbLpTFMRNkZx/9K6QH3RKV1tRZ5nC+Ok9NmuTPL8Jm3v573tL3H1fI9vbfQ7+Hb7nm3+/Lp8/PXj38BXrLSQQ==
Origin: https://thehiddensun.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams BYPASS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1801504
alt-svc: h3=":443"; ma=86400
content-length: 19780
last-modified: Fri, 05 May 2023 20:02:42 GMT
server: cloudflare
etag: "645560e2-4d44"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BrmVdIPLpzGSEZNfROp72aUkOlmxrmKUnr%2Fj8FtDA%2Bh7UgQtpA6gQ0UJo04aERkKSF4DLRXHloKsm35dfrL%2BO%2FSNCwSK5WUGdoM9M%2BpU80GwxEOjUcOZHEk63roZNpjcYSC1"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86ed2d2de9190b80-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 BOOK-AN-APPOINTMENT.png
i0.wp.com/thehiddensun.com/wp-content/uploads/2021/02/ 30 KB
31 KB 30ms
29ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/thehiddensun.com/wp-content/uploads/2021/02/BOOK-AN-APPOINTMENT.png?resize=300%2C251&ssl=1

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

47ccbf6fdc0fc6767e96ec90a2797c9fa07ed463f5181c14fbd8e15ead01eca3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 31186
x-nc: HIT ams 1
last-modified: Sat, 17 Feb 2024 18:51:32 GMT
server: nginx
etag: "c4730eddc0e69bf6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thehiddensun.com/wp-content/uploads/2021/02/BOOK-AN-APPOINTMENT.png>; rel="canonical"
expires: Tue, 17 Feb 2026 06:51:32 GMT

GET
H3 200 g.gif
pixel.wp.com/ 50 B
167 B 18ms
18ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=173256004&post=0&tz=8&srv=thehiddensun.com&hp=atomic&ac=2&amp=0&j=1%3A13.3-beta&host=thehiddensun.com&ref=&rand=0.6112757552312669
Requested by: Host: thehiddensun.com
URL: https://thehiddensun.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 04 Apr 2024 00:28:06 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 css
fonts-api.wp.com/ 22 KB
2 KB 71ms
64ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts-api.wp.com/css?family=Open+Sans:r%7COpen+Sans:r,i,b,bi&subset=latin,latin-ext,latin,latin-ext

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8ce078786ec4642b7e7074b889c0c3f06eee711cff66e691adf64d38e63b8a2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
x-nc: BYPASS ams 2
last-modified: Thu, 04 Apr 2024 00:28:06 GMT
server: nginx
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H3 200 wp-emoji-release.min.js Show response
thehiddensun.com/wp-includes/js/ 18 KB
5 KB 28ms
28ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thehiddensun.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
strict-transport-security: max-age=31536000
x-ac: 5.ams _atomic_ams MISS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91650
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 13 Feb 2024 14:36:07 GMT
server: cloudflare
etag: W/"65cb7e57-4926"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5g%2BE2w0ayiYQIPpUqSA%2Fp4EJAeTzfzaTX61lrWgnHMr3PS3Rb3kzVZWOkC8011DpgNC3fPIqc7vbqeGkxYumx03PAZrGrKX6X3mDTIMMPpfeL7irLhBTO5OAvI4SdIzix9iv"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 86ed2d2e192b0b80-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=898733423&utmhn=thehiddensun.com&utmcs=UTF-8&utmsr=800x600&utmvp=1600x1113&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=The%20...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-172346176-1&cid=1924254625.1712190487&jid=1035129596&_v=5.7.2&z=898733423

35 B
337 B

89ms
25ms

Image
image/gif

2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-172346176-1&cid=1924254625.1712190487&jid=1035129596&_v=5.7.2&z=898733423

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://thehiddensun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 04 Apr 2024 00:28:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Apr 2024 00:28:06 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-172346176-1&cid=1924254625.1712190487&jid=1035129596&_v=5.7.2&z=898733423
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 371
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.wp.com/s/opensans/v40/ 47 KB
47 KB 81ms
16ms Font
font/woff2 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.wp.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts-api.wp.com
URL: https://fonts-api.wp.com/css?family=Open+Sans:r%7COpen+Sans:r,i,b,bi&subset=latin,latin-ext,latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts-api.wp.com/
Origin: https://thehiddensun.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nc: HIT ams 2
date: Thu, 04 Apr 2024 00:28:06 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: nginx
age: 2724
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 48236
x-xss-protection: 0

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.wp.com/s/opensans/v40/ 49 KB
49 KB 82ms
16ms Font
font/woff2 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.wp.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts-api.wp.com
URL: https://fonts-api.wp.com/css?family=Open+Sans:r%7COpen+Sans:r,i,b,bi&subset=latin,latin-ext,latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts-api.wp.com/
Origin: https://thehiddensun.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nc: HIT ams 2
date: Thu, 04 Apr 2024 00:28:06 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
server: nginx
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 50296
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403270101/ 405 KB
138 KB 98ms
51ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9236545585522204&plah=thehiddensun.com&aplac=true&bust=31082332

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9236545585522204&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

ed8b44024c6a6f6d28a98642eb72853041712efdcd436b0f10c8d6defd86ff41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140799
x-xss-protection: 0
server: cafe
etag: 7656440150352523396
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 00:28:06 GMT

GET
H2 200 ca-pub-9236545585522204 Show response
fundingchoicesmessages.google.com/i/ 180 KB
60 KB 138ms
62ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9236545585522204?href=https%3A%2F%2Fthehiddensun.com&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9236545585522204&plah=thehiddensun.com&aplac=true&bust=31082332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a43a8bb8630ab489193b6564e18e86a82875bde0cccce231721550f5ccf55381

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-RpxcX6R0BxO2poUqzuLD-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:07 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-RpxcX6R0BxO2poUqzuLD-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otAnPTvPGsJEAtxc0x_sX0Dm8CNz__tAGWLNiQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ata.js Show response
c0.pubmine.com/2.39.01695837358837/ 216 KB
58 KB 59ms
17ms Script
text/javascript 192.0.77.38
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.pubmine.com/2.39.01695837358837/ata.js

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.38 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c6f921178c04e85a2499b306b750c3404727a71e251c88d8d4b905aba13545ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nc: HIT ams 1
date: Thu, 04 Apr 2024 00:28:07 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000
last-modified: Wed, 27 Sep 2023 18:00:45 GMT
server: nginx
x-amz-cf-pop: AMS1-P3
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400

GET
H2 200 AGSKWxXaDHwhDsbrQnDah47Vwwx8BnJuFl6BptF8wxHO8tdM5bf-iZ5w2HCe8QUQpdjURa_DYyaQWyLKYzQ2ZCvFoV3yfV0RDrURb0Aohc3tqKLDaqT9iJn5WASiuITNQWz30q0URzhn1g== Show response
fundingchoicesmessages.google.com/f/ 395 KB
60 KB 97ms
97ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXaDHwhDsbrQnDah47Vwwx8BnJuFl6BptF8wxHO8tdM5bf-iZ5w2HCe8QUQpdjURa_DYyaQWyLKYzQ2ZCvFoV3yfV0RDrURb0Aohc3tqKLDaqT9iJn5WASiuITNQWz30q0URzhn1g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyMTkwNDg3LDIxOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90aGVoaWRkZW5zdW4uY29tLyIsbnVsbCxbWzgsIkJTYVNfdFh0eF9rIl0sWzksIm5sIl0sWzE4LCJbW1swXV1dIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4MjE0Nl0sbnVsbCwwXSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.BSaS_tXtx_k.es5.O/am=wA/d=1/rs=AJlcJMwE8rWzcfgAir_TnAj6O8utEXbCAg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

386c7e8a9a0ec660db360fe6cb8cf484bd0e52c358e6158668d0cb0876c5756e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2sj_-tgvyuZ6ctt9hFrwOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:07 GMT
content-security-policy: script-src 'report-sample' 'nonce-2sj_-tgvyuZ6ctt9hFrwOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otAnPTvPGsJEAvxcEx_sX0Dm8CPKXt6GAGU_DXm"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 119ms
25ms Script
text/javascript 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 06ed0d809178333c4cc4e1442b50e1f2e076b947466c4a204202fc90df34f833

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: IwRCxZF1T4gMT4TMeNkDrOCkruVfKfAe
date: Thu, 04 Apr 2024 00:28:07 GMT
content-encoding: br
last-modified: Wed, 28 Feb 2024 14:26:38 GMT
x-amz-request-id: HGBZJM9R3P9F2FZS
etag: "d86492df4bad2a485597bfa437c78ad2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3393
x-amz-id-2: RfKQPGsIOfNW0/HBqoM2w7i3CPVvrnCnUONTJFAVH00Ucl2NzMAqWeTH37dXsXdrbwJD0WJZqrg=

GET
H/1.1 200
OK pixel
s.pubmine.com/ 43 B
286 B 34ms
34ms Image
image/gif 34.246.4.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/pixel?id=15&type=img
Requested by: Host: thehiddensun.com
URL: https://thehiddensun.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.4.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-4-82.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Apr 2024 00:28:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
BLOB 200
OK b448e8e6-3d95-42e5-a9db-0acfaf3f03c6
https://thehiddensun.com/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://thehiddensun.com/b448e8e6-3d95-42e5-a9db-0acfaf3f03c6
Requested by: Host: thehiddensun.com
URL: https://thehiddensun.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b32ac08ac704f56f164eca7ed8dbc4ff2c50dff8f9e3527d2c52c93081672b02

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 1572
Content-Type: text/javascript

GET
H/1.1 200
OK jslog
s.pubmine.com/ 43 B
286 B 35ms
35ms Image
image/gif 34.246.4.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/jslog?n=cmp%20ping%20returned%20error%20with%20data%3A%20%7B%22gdprApplies%22%3Atrue%2C%22cmpLoaded%22%3Atrue%2C%22cmpStatus%22%3A%22loaded%22%2C%22displayStatus%22%3A%22hidden%22%2C%22apiVersion%22%3A%222.2%22%2C%22cmpVersion%22%3A2%2C%22cmpId%22%3A300%2C%22gvlVersion%22%3A46%2C%22tcfPolicyVersion%22%3A4%7D&pvid=8da25f80-0a7c-4b7f-be01-44bf486ce052&s=err&v=2.39.01695837358837
Requested by: Host: thehiddensun.com
URL: https://thehiddensun.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.4.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-4-82.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Apr 2024 00:28:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

POST
H/1.1 200
OK adconf Show response
s.pubmine.com/ 210 B
535 B 71ms
37ms XHR
text/javascript 34.246.4.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/adconf?pvid=8da25f80-0a7c-4b7f-be01-44bf486ce052&rid=6852116971087
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.4.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-4-82.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dd6b33d3ff3b0eff30b9b46bbaa40ec441c097a11793c78bfcb986cff3f3c579

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

Date: Thu, 04 Apr 2024 00:28:07 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://thehiddensun.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H/1.1 200
OK adconf Show response
s.pubmine.com/ 9 B
316 B 103ms
35ms XHR
text/javascript 34.246.4.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/adconf?pvid=8da25f80-0a7c-4b7f-be01-44bf486ce052&rid=6852116971087
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.4.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-4-82.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 60d933619ad39f876cba41d788083b8971646802fa74aade7fba906ece34c36f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

Date: Thu, 04 Apr 2024 00:28:07 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://thehiddensun.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 9

GET
H2 200 css
fonts.googleapis.com/ 106 KB
6 KB 98ms
41ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.BSaS_tXtx_k.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxsSM8zx5ccj6HlQP_8AW1UGFFTHg/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e2ef015de96af25db009694591ade7c1a7fc6d3401450069f85c9d13e1f403d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Apr 2024 00:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 00:28:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Apr 2024 00:28:07 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 82ms
25ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
Origin: https://thehiddensun.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 22:45:56 GMT
x-content-type-options: nosniff
age: 438131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Mar 2025 22:45:56 GMT

GET
H2 200 627.js Show response
c0.pubmine.com/2.39.01695837358837/ 408 KB
133 KB 17ms
17ms Script
text/javascript 192.0.77.38
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.pubmine.com/2.39.01695837358837/627.js

Requested by

Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.38 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

331793c76a679676fa0314f9c2561d35adc2d2c167944cb49cddbe348dad095c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nc: HIT ams 1
date: Thu, 04 Apr 2024 00:28:07 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000
last-modified: Wed, 27 Sep 2023 18:00:45 GMT
server: nginx
x-amz-cf-pop: AMS1-P3
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 90ms
60ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: thehiddensun.com
URL: https://thehiddensun.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
Origin: https://thehiddensun.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 02:46:41 GMT
x-content-type-options: nosniff
age: 423686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Mar 2025 02:46:41 GMT

POST
H3 204 AGSKWxW5rQ7Lp-OZmUAbCCeK6MHOmmqI54j4UKMJ2wNh0YfKcXmOSW5X-uBY6EObBOTQfwhWcY5G80-cnNqEsxZcFUpIah-eWDytT-DTP3nsFXHN6YM9WvR--L-3jYBwcjPm01Cgw8vAyA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 171ms
65ms XHR
text/html 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW5rQ7Lp-OZmUAbCCeK6MHOmmqI54j4UKMJ2wNh0YfKcXmOSW5X-uBY6EObBOTQfwhWcY5G80-cnNqEsxZcFUpIah-eWDytT-DTP3nsFXHN6YM9WvR--L-3jYBwcjPm01Cgw8vAyA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F1w-0dkQAj3p04YYVx00Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Apr 2024 00:28:07 GMT
content-security-policy: script-src 'report-sample' 'nonce-F1w-0dkQAj3p04YYVx00Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBiqGV4xtQKxE7pM1gDgFiIh2P6i-0b2AQa2rq-MQIAxikMGw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://thehiddensun.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK jslog
s.pubmine.com/ 43 B
286 B 36ms
36ms Image
image/gif 34.246.4.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/jslog?n=cmp%20ping%20returned%20error%20with%20data%3A%20%7B%22gdprApplies%22%3Atrue%2C%22cmpLoaded%22%3Atrue%2C%22cmpStatus%22%3A%22loaded%22%2C%22displayStatus%22%3A%22visible%22%2C%22apiVersion%22%3A%222.2%22%2C%22cmpVersion%22%3A2%2C%22cmpId%22%3A300%2C%22gvlVersion%22%3A46%2C%22tcfPolicyVersion%22%3A4%7D&pvid=8da25f80-0a7c-4b7f-be01-44bf486ce052&s=err&v=2.39.01695837358837
Requested by: Host: thehiddensun.com
URL: https://thehiddensun.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.4.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-4-82.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Apr 2024 00:28:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

POST
H/1.1 200
OK adjr Show response
s.pubmine.com/ 64 B
463 B 139ms
139ms XHR
application/json 34.246.4.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/adjr?pvid=8da25f80-0a7c-4b7f-be01-44bf486ce052&rid=6852116971087
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.4.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-4-82.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c253efa02d403b6a63b179ea7258633f15833349be4e4486f5ce163211367672

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 04 Apr 2024 00:28:07 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://thehiddensun.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK jslog
s.pubmine.com/ 43 B
286 B 34ms
34ms Image
image/gif 34.246.4.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/jslog?n=cmp%20ping%20returned%20error%20with%20data%3A%20%7B%22gdprApplies%22%3Atrue%2C%22cmpLoaded%22%3Atrue%2C%22cmpStatus%22%3A%22loaded%22%2C%22displayStatus%22%3A%22visible%22%2C%22apiVersion%22%3A%222.2%22%2C%22cmpVersion%22%3A2%2C%22cmpId%22%3A300%2C%22gvlVersion%22%3A46%2C%22tcfPolicyVersion%22%3A4%7D&pvid=8da25f80-0a7c-4b7f-be01-44bf486ce052&s=err&v=2.39.01695837358837
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.4.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-4-82.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Apr 2024 00:28:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 179 B
528 B 127ms
32ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fthehiddensun.com%2F&PageUrl=https%3A%2F%2Fthehiddensun.com%2F&PageReferrer=https%3A%2F%2Fthehiddensun.com%2F&CanonicalUrl=https%3A%2F%2Fthehiddensun.com%2F

Requested by

Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/627.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

3c8dd3f30b150d5ae38a1d0696491bde7ca5ee2e5de22b1947c2265f14c63913

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Apr 2024 00:28:07 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://thehiddensun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 6
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 179
expires: 0

GET
H3 200 cropped-HS-LOGO_small.png
i0.wp.com/thehiddensun.com/wp-content/uploads/2020/07/ 1 KB
1 KB 327ms
327ms Other
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://i0.wp.com/thehiddensun.com/wp-content/uploads/2020/07/cropped-HS-LOGO_small.png?fit=32%2C32&ssl=1

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

3f38fc6b995a9f5b316acea261db8b49ef34b33cca76ac57aca61f3ab46010f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 00:28:07 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 1078
x-nc: HIT ams 5
last-modified: Tue, 20 Feb 2024 00:37:35 GMT
server: nginx
etag: "025055ab9f6394ad"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thehiddensun.com/wp-content/uploads/2020/07/cropped-HS-LOGO_small.png>; rel="canonical"
expires: Thu, 19 Feb 2026 12:37:35 GMT

GET
H/1.1 200
OK jslog
s.pubmine.com/ 43 B
286 B 34ms
33ms Image
image/gif 34.246.4.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/jslog?n=cmp%20ping%20returned%20error%20with%20data%3A%20%7B%22gdprApplies%22%3Atrue%2C%22cmpLoaded%22%3Atrue%2C%22cmpStatus%22%3A%22loaded%22%2C%22displayStatus%22%3A%22visible%22%2C%22apiVersion%22%3A%222.2%22%2C%22cmpVersion%22%3A2%2C%22cmpId%22%3A300%2C%22gvlVersion%22%3A46%2C%22tcfPolicyVersion%22%3A4%7D&pvid=8da25f80-0a7c-4b7f-be01-44bf486ce052&s=err&v=2.39.01695837358837
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.4.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-4-82.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Apr 2024 00:28:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

POST
H/1.1 200
OK adjr Show response
s.pubmine.com/ 49 B
447 B 124ms
124ms XHR
application/json 34.246.4.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/adjr?pvid=8da25f80-0a7c-4b7f-be01-44bf486ce052&rid=6852116971087
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.39.01695837358837/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.4.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-4-82.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5d841bc33d37ca66ef895606ea2aad0b0f2cacec9fd919fae90b6f85a75f008a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 04 Apr 2024 00:28:07 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://thehiddensun.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

GET
H3 204 boom.gif
pixel.wp.com/ 0
106 B 17ms
16ms Image
text/plain 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/boom.gif?bilmur=1&cumulative_layout_shift=0.09&largest_contentful_paint=457&batcache_hit=0&provider=wordpress.com&service=atomic&effective_connection_type=4g&rtt=50&downlink=10000&host_name=thehiddensun.com&url_path=%2F&nt_fetchStart=5&nt_domainLookupStart=6&nt_domainLookupEnd=22&nt_connectStart=22&nt_connectEnd=61&nt_secureConnectionStart=22&nt_requestStart=61&nt_responseStart=95&nt_responseEnd=129&nt_domLoading=97&nt_domInteractive=496&nt_domContentLoadedEventStart=497&nt_domContentLoadedEventEnd=503&nt_domComplete=1289&nt_loadEventStart=1289&nt_loadEventEnd=1289&nt_redirectCount=0&nt_nextHopProtocol=h3&nt_api_level=2&start_render=457&first_contentful_paint=457&resource_size=1520080&resource_transferred=441159&resource_cache_percent=0&js_size=310334&js_transferred=107937&js_cache_percent=0&blocking_size=1249691&blocking_transferred=255083&blocking_cache_percent=0&last_resource_end=1625
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://thehiddensun.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 04 Apr 2024 00:28:09 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thehiddensun.com/	1969-12-31 23:59:59	Name: sbjs_migrations Value: 1418474375998%3D1
.thehiddensun.com/	1969-12-31 23:59:59	Name: sbjs_current_add Value: fd%3D2024-04-04%2000%3A28%3A06%7C%7C%7Cep%3Dhttps%3A%2F%2Fthehiddensun.com%2F%7C%7C%7Crf%3D%28none%29
.thehiddensun.com/	1969-12-31 23:59:59	Name: sbjs_first_add Value: fd%3D2024-04-04%2000%3A28%3A06%7C%7C%7Cep%3Dhttps%3A%2F%2Fthehiddensun.com%2F%7C%7C%7Crf%3D%28none%29
.thehiddensun.com/	1969-12-31 23:59:59	Name: sbjs_current Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29
.thehiddensun.com/	1969-12-31 23:59:59	Name: sbjs_first Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29
.thehiddensun.com/	1969-12-31 23:59:59	Name: sbjs_udata Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F123.0.0.0%20Safari%2F537.36
.thehiddensun.com/	1970-01-20 19:36:32	Name: sbjs_session Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fthehiddensun.com%2F
.thehiddensun.com/	1970-01-21 05:12:30	Name: __utma Value: 23759231.1924254625.1712190487.1712190487.1712190487.1
.thehiddensun.com/	1969-12-31 23:59:59	Name: __utmc Value: 23759231
.thehiddensun.com/	1970-01-20 23:59:18	Name: __utmz Value: 23759231.1712190487.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.thehiddensun.com/	1970-01-20 19:36:31	Name: __utmt Value: 1
.thehiddensun.com/	1970-01-20 19:36:32	Name: __utmb Value: 23759231.1.10.1712190487

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
c0.pubmine.com
fonts-api.wp.com
fonts.googleapis.com
fonts.gstatic.com
fonts.wp.com
fundingchoicesmessages.google.com
hb-api.omnitagjs.com
i0.wp.com
pagead2.googlesyndication.com
pixel.wp.com
s.pubmine.com
s0.wp.com
secure.gravatar.com
ssl.google-analytics.com
stats.g.doubleclick.net
stats.wp.com
thehiddensun.com
142.250.185.174
185.255.84.150
188.114.96.3
192.0.76.3
192.0.77.2
192.0.77.32
192.0.77.38
216.58.206.34
2a00:1450:4001:802::2008
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:81c::200a
2a00:1450:400c:c00::9d
2a04:fa87:fffe::c000:4902
34.246.4.82
95.101.149.35
06ed0d809178333c4cc4e1442b50e1f2e076b947466c4a204202fc90df34f833
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
0e2ef015de96af25db009694591ade7c1a7fc6d3401450069f85c9d13e1f403d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1e4a3bef2388ec3569b7776d093742dff8d5c26c6a90c094a09cf5e63792faee
216728e33a7de4be9b784eff527c6ccf1658319ea78fe66a7864c0b923200252
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
331793c76a679676fa0314f9c2561d35adc2d2c167944cb49cddbe348dad095c
386c7e8a9a0ec660db360fe6cb8cf484bd0e52c358e6158668d0cb0876c5756e
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c8dd3f30b150d5ae38a1d0696491bde7ca5ee2e5de22b1947c2265f14c63913
3f38fc6b995a9f5b316acea261db8b49ef34b33cca76ac57aca61f3ab46010f8
401373c6cddfc333e45314482184906a357ae96d1fccd5ef6c40d8b7656e7349
4335edaa33e2913d84992680edc72cb3c0b35fa1c19101ca20f400c1dffc0316
43f41028ac1f1ca205e52d016190695414b442311c0bc4f747e38ad2796bf5d3
46d0962eeebc354d3d1c7b4f4fa1fdfa6d9357e4aaa8fee9a69aee739dbe0445
47ccbf6fdc0fc6767e96ec90a2797c9fa07ed463f5181c14fbd8e15ead01eca3
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
547cbe010fc92b41dd047b34c58a5d3c21606e211ed26df1bd01d113f837606c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5d841bc33d37ca66ef895606ea2aad0b0f2cacec9fd919fae90b6f85a75f008a
5ee90013d936e15d85918bf7e617568768cd48d7ed729d89afba4e21f624968e
60d933619ad39f876cba41d788083b8971646802fa74aade7fba906ece34c36f
63abef81c1bf8c3926d7345a7ce5a3400137f2aa94e0bf90ede28ac86bde1fa9
64eb181f8b0b6d879105971f9da811d3fe6d988fb97cd98fd901ca56e2b93209
68affeab03f7da878c0f8578a85c20daa72bc981a5e6441e2c7dbe9b6d2d18f3
69653a2ef64c34d5d565a026d581f5d62d7889cb193b493cddc7475fa310e4a4
79674b01741c3978417b6b9b4b98d125755e7bb468979d5cd593eac4b94cdb91
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
851910108a58de181d3985b12f3c70bbe1b73cb401713763ef514a5e54f2770a
86c69ae0edf53fddfbbc9d01fa3bb85151a182e564aa02c3a6e439530cf09371
8ce078786ec4642b7e7074b889c0c3f06eee711cff66e691adf64d38e63b8a2d
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
a43a8bb8630ab489193b6564e18e86a82875bde0cccce231721550f5ccf55381
a9a4f89d742c5ad6b48df44b36be55965edd38cb6e9a465bf86b9d35731af6f7
b32ac08ac704f56f164eca7ed8dbc4ff2c50dff8f9e3527d2c52c93081672b02
bc7573b8febff470ad313a5db27064ff62c8622e7a9e2b3e446703e6f4605bcb
bf4bb7f0d8e5db39be86beb83043fa6148221e3530a5e6eb19db0913fc280eda
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c253efa02d403b6a63b179ea7258633f15833349be4e4486f5ce163211367672
c41211d42b7dadb793e39e8ad877e5f76645c7ea200e25625ebbddc050df0c4b
c6f921178c04e85a2499b306b750c3404727a71e251c88d8d4b905aba13545ee
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc71e46242c01724ac94a2e4bba07caa933e4c5c463e07d8d9b3bd9b4064baa8
dd6b33d3ff3b0eff30b9b46bbaa40ec441c097a11793c78bfcb986cff3f3c579
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e936024be24d2b11c59d12f7d7f14b566dc8e7a362b00b763908640160bd3f24
ed8b44024c6a6f6d28a98642eb72853041712efdcd436b0f10c8d6defd86ff41
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b

thehiddensun.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

95 %HTTPS

38 %IPv6

12 Domains

18 Subdomains

17 IPs

6 Countries

1806 kBTransfer

4443 kBSize

12 Cookies

9 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thehiddensun.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

95 %
HTTPS

38 %
IPv6

12
Domains

18
Subdomains

17
IPs

6
Countries

1806 kB
Transfer

4443 kB
Size

12
Cookies

63 HTTP transactions
2 data transactions