bhutan.kivazen.com Open in urlscan Pro
151.106.104.248  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bhutan.kivazen.com/	33 KB 10 KB	537ms 272ms	Document text/html	151.106.104.248 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.106.104.248 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / PHP/7.4.26 Resource Hash a0dc9cf10ad914de462400d2d6a8b840c69fe17aba496ceb16317c7c9123898a Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers x-powered-by PHP/7.4.26 content-type text/html; charset=UTF-8 link <https://bhutan.kivazen.com/wp-json/>; rel="https://api.w.org/" x-litespeed-cache-control public,max-age=604800 x-litespeed-tag 65d_HTTP.200,65d_home,65d_URL.6666cd76f96956469e7be39d750cc7d9,65d_F,65d_ etag "50704-1644493130;br" x-litespeed-cache miss content-encoding br vary Accept-Encoding date Thu, 10 Feb 2022 11:38:50 GMT server LiteSpeed content-security-policy upgrade-insecure-requests alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
GET H2	200	style.min.css bhutan.kivazen.com/wp-includes/css/dist/block-library/	79 KB 10 KB	117ms 114ms	Stylesheet text/css	151.106.104.248 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://bhutan.kivazen.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.3 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.106.104.248 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:50 GMT content-encoding br last-modified Tue, 07 Sep 2021 11:31:11 GMT server LiteSpeed etag "13abe-61374d7f-7d71996d6bb1f4d8;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 content-security-policy upgrade-insecure-requests accept-ranges bytes content-length 9960 expires Thu, 17 Feb 2022 11:38:50 GMT
GET H2	200	mediaelementplayer-legacy.min.css bhutan.kivazen.com/wp-includes/js/mediaelement/	11 KB 2 KB	120ms 118ms	Stylesheet text/css	151.106.104.248 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://bhutan.kivazen.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.106.104.248 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:50 GMT content-encoding br last-modified Thu, 24 Jun 2021 08:10:39 GMT server LiteSpeed etag "2bf8-60d43dff-edf016a600154989;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 content-security-policy upgrade-insecure-requests accept-ranges bytes content-length 2394 expires Thu, 17 Feb 2022 11:38:50 GMT
GET H2	200	wp-mediaelement.min.css bhutan.kivazen.com/wp-includes/js/mediaelement/	4 KB 1 KB	227ms 225ms	Stylesheet text/css	151.106.104.248 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://bhutan.kivazen.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.3 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.106.104.248 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:50 GMT content-encoding br last-modified Thu, 24 Jun 2021 08:10:39 GMT server LiteSpeed etag "105a-60d43dff-abfbd304b58db116;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 content-security-policy upgrade-insecure-requests accept-ranges bytes content-length 982 expires Thu, 17 Feb 2022 11:38:50 GMT
GET H2	200	blocks.style.build.css bhutan.kivazen.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/	184 B 265 B	227ms 225ms	Stylesheet text/css	151.106.104.248 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://bhutan.kivazen.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.40.1 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.106.104.248 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:50 GMT last-modified Sat, 05 Feb 2022 08:11:21 GMT server LiteSpeed etag "b8-61fe3129-223a8a8dcd8fe0;;;" content-type text/css cache-control public, max-age=604800 content-security-policy upgrade-insecure-requests accept-ranges bytes content-length 184 expires Thu, 17 Feb 2022 11:38:50 GMT
GET H2	200	css fonts.googleapis.com/	10 KB 1 KB	72ms 26ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b862b809cfe4835b1795ec5788bf374bac716aa66c941f5170fb1f500a04c56d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 10 Feb 2022 09:57:57 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 10 Feb 2022 11:38:50 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 10 Feb 2022 11:38:50 GMT
GET H2	200	style.css bhutan.kivazen.com/wp-content/themes/mh-magazine-lite/	45 KB 9 KB	227ms 226ms	Stylesheet text/css	151.106.104.248 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://bhutan.kivazen.com/wp-content/themes/mh-magazine-lite/style.css?ver=2.9.0 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.106.104.248 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 79ab1fa28942097af81fa786f8b9e83f274e65abb3f96e7046038508f251f290 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:50 GMT content-encoding br last-modified Thu, 24 Jun 2021 08:12:40 GMT server LiteSpeed etag "b20f-60d43e78-e3a42b731bf98d1b;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 content-security-policy upgrade-insecure-requests accept-ranges bytes content-length 8842 expires Thu, 17 Feb 2022 11:38:50 GMT
GET H2	200	font-awesome.min.css bhutan.kivazen.com/wp-content/themes/mh-magazine-lite/includes/	30 KB 7 KB	228ms 226ms	Stylesheet text/css	151.106.104.248 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://bhutan.kivazen.com/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.106.104.248 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:50 GMT content-encoding br last-modified Thu, 24 Jun 2021 08:12:40 GMT server LiteSpeed etag "7918-60d43e78-579c55b1674fbf2d;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 content-security-policy upgrade-insecure-requests accept-ranges bytes content-length 6658 expires Thu, 17 Feb 2022 11:38:50 GMT
GET H2	200	jetpack.css bhutan.kivazen.com/wp-content/plugins/jetpack/css/	86 KB 16 KB	228ms 227ms	Stylesheet text/css	151.106.104.248 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://bhutan.kivazen.com/wp-content/plugins/jetpack/css/jetpack.css?ver=10.6 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.106.104.248 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 1021efafbf9b43acf446f436556222d910e0d86d09d796b6fb16101efedffa22 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:50 GMT content-encoding br last-modified Tue, 01 Feb 2022 20:10:50 GMT server LiteSpeed etag "15784-61f993ca-2b59cc30a8486bbc;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 content-security-policy upgrade-insecure-requests accept-ranges bytes content-length 16057 expires Thu, 17 Feb 2022 11:38:50 GMT
GET H2	200	jquery.min.js Show response bhutan.kivazen.com/wp-includes/js/jquery/	87 KB 30 KB	231ms 230ms	Script application/x-javascript	151.106.104.248 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://bhutan.kivazen.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.106.104.248 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:50 GMT content-encoding br last-modified Tue, 07 Sep 2021 11:30:44 GMT server LiteSpeed etag "15db1-61374d64-d09f6cdccc5271c1;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 content-security-policy upgrade-insecure-requests accept-ranges bytes content-length 30273 expires Thu, 17 Feb 2022 11:38:50 GMT
GET H2	200	jquery-migrate.min.js Show response bhutan.kivazen.com/wp-includes/js/jquery/	11 KB 4 KB	231ms 230ms	Script application/x-javascript	151.106.104.248 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://bhutan.kivazen.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.106.104.248 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:50 GMT content-encoding br last-modified Thu, 24 Jun 2021 08:10:37 GMT server LiteSpeed etag "2bd8-60d43dfd-6bb210724fef3728;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 content-security-policy upgrade-insecure-requests accept-ranges bytes content-length 3995 expires Thu, 17 Feb 2022 11:38:50 GMT
GET H2	200	scripts.js Show response bhutan.kivazen.com/wp-content/themes/mh-magazine-lite/js/	36 KB 11 KB	231ms 230ms	Script application/x-javascript	151.106.104.248 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://bhutan.kivazen.com/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.0 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.106.104.248 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 07a442bcbe2faa41bf1f585c7c772be2a8918f9afd0f5526eb4956562d5e6f8c Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:50 GMT content-encoding br last-modified Thu, 24 Jun 2021 08:12:40 GMT server LiteSpeed etag "91c9-60d43e78-108009b781001c0b;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 content-security-policy upgrade-insecure-requests accept-ranges bytes content-length 11268 expires Thu, 17 Feb 2022 11:38:50 GMT
GET H3	200	cropped-BYPartners-5-1.png bhutan.kivazen.com/wp-content/uploads/2021/06/	20 KB 20 KB	113ms 112ms	Image image/png	151.106.104.248 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://bhutan.kivazen.com/wp-content/uploads/2021/06/cropped-BYPartners-5-1.png Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 151.106.104.248 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 145be70fd905c5cc59d56e258fd4dfa5758d20b2829a76552a32ca32c63e9291 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:51 GMT last-modified Thu, 24 Jun 2021 08:24:11 GMT server LiteSpeed etag "4f6f-60d4412b-fb41e7034e223cea;;;" content-type image/png cache-control public, max-age=604800 content-security-policy upgrade-insecure-requests accept-ranges bytes content-length 20335 expires Thu, 17 Feb 2022 11:38:51 GMT
GET H3	200	wp-embed.min.js Show response bhutan.kivazen.com/wp-includes/js/	1 KB 1004 B	113ms 113ms	Script application/x-javascript	151.106.104.248 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://bhutan.kivazen.com/wp-includes/js/wp-embed.min.js?ver=5.8.3 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 151.106.104.248 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:51 GMT content-encoding br last-modified Thu, 24 Jun 2021 08:10:38 GMT server LiteSpeed etag "592-60d43dfe-301208de259849ae;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 content-security-policy upgrade-insecure-requests accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 663 expires Thu, 17 Feb 2022 11:38:51 GMT
GET H3	200	image.js Show response bhutan.kivazen.com/wp-content/plugins/featured-image-from-url/includes/html/js/	3 KB 850 B	112ms 112ms	Script application/x-javascript	151.106.104.248 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://bhutan.kivazen.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=3.8.4 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 151.106.104.248 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 2cb3cd0ca0d3d8ece245e8ddea668ccfaeb682731a9dbb6b24df278e5617bf0d Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:51 GMT content-encoding br last-modified Sat, 05 Feb 2022 20:10:52 GMT server LiteSpeed etag "c39-61fed9cc-726817fb823fb1d3;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 content-security-policy upgrade-insecure-requests accept-ranges bytes content-length 775 expires Thu, 17 Feb 2022 11:38:51 GMT
GET H3	200	ads.js Show response bhutan.kivazen.com/wp-content/plugins/quick-adsense-reloaded/assets/js/	78 B 149 B	111ms 111ms	Script application/x-javascript	151.106.104.248 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://bhutan.kivazen.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.40.1 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 151.106.104.248 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:51 GMT last-modified Sat, 05 Feb 2022 08:11:21 GMT server LiteSpeed etag "4e-61fe3129-304154c2b2a756ea;;;" content-type application/x-javascript cache-control public, max-age=604800 content-security-policy upgrade-insecure-requests accept-ranges bytes content-length 78 expires Thu, 17 Feb 2022 11:38:51 GMT
GET H2	200	e-202206.js Show response stats.wp.com/	9 KB 3 KB	54ms 16ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202206.js Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-nc HIT hhn date Thu, 10 Feb 2022 11:38:51 GMT content-encoding br server nginx etag W/"6197c5cf-3508" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 expires Sun, 22 Jan 2023 20:00:49 GMT
GET H3	200	wp-emoji-release.min.js Show response bhutan.kivazen.com/wp-includes/js/	18 KB 5 KB	127ms 126ms	Script application/x-javascript	151.106.104.248 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://bhutan.kivazen.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.3 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 151.106.104.248 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:51 GMT content-encoding br last-modified Tue, 07 Sep 2021 11:30:45 GMT server LiteSpeed etag "4705-61374d65-efeb31e879c387eb;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 content-security-policy upgrade-insecure-requests accept-ranges bytes content-length 4539 expires Thu, 17 Feb 2022 11:38:51 GMT
GET H/1.1	403 Forbidden	invoke.js www.variouscreativeformats.com/8028ee8096899b90c29132d154655901/	0 0	866ms 121ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://www.variouscreativeformats.com/8028ee8096899b90c29132d154655901/invoke.js Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://bhutan.kivazen.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Access-Control-Allow-Origin * Date Thu, 10 Feb 2022 11:38:51 GMT Server nginx/1.17.6 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v27/	44 KB 44 KB	64ms 19ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bhutan.kivazen.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 04 Feb 2022 09:58:52 GMT x-content-type-options nosniff age 524399 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44656 x-xss-protection 0 last-modified Thu, 28 Oct 2021 00:30:43 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 04 Feb 2023 09:58:52 GMT
GET H/1.1	403 Forbidden	invoke.js www.variouscreativeformats.com/3e2d1f059724fcd151b055d65ded1cd6/	0 0	121ms 120ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://www.variouscreativeformats.com/3e2d1f059724fcd151b055d65ded1cd6/invoke.js Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://bhutan.kivazen.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Access-Control-Allow-Origin * Date Thu, 10 Feb 2022 11:38:52 GMT Server nginx/1.17.6 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H3	200	fontawesome-webfont.woff2 bhutan.kivazen.com/wp-content/themes/mh-magazine-lite/fonts/	75 KB 76 KB	121ms 121ms	Font font/woff2	151.106.104.248 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://bhutan.kivazen.com/wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 151.106.104.248 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://bhutan.kivazen.com/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css Origin https://bhutan.kivazen.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:52 GMT last-modified Thu, 24 Jun 2021 08:12:40 GMT server LiteSpeed etag "12d68-60d43e78-22cde4a170bf0fce;;;" content-type font/woff2 cache-control public, max-age=604800 content-security-policy upgrade-insecure-requests accept-ranges bytes content-length 77160 expires Thu, 17 Feb 2022 11:38:52 GMT
GET H2	200	0210-wi-shop-4100.jpg smartcdn.gprod.postmedia.digital/montrealgazette/wp-content/uploads/2022/02/	139 KB 140 KB	195ms 154ms	Image image/webp	34.149.157.221 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.gprod.postmedia.digital/montrealgazette/wp-content/uploads/2022/02/0210-wi-shop-4100.jpg Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 221.157.149.34.bc.googleusercontent.com Software nginx/1.19.10 / Resource Hash 8c10ce32c6b4b1cdf1305234dbe828c4f67b8212273b82968f6abd2f8225b141 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-pmd-smartcdn-requester montrealgazette date Thu, 10 Feb 2022 11:38:52 GMT via 1.1 google server nginx/1.19.10 cache-control max-age=2592000,public etag "1d1815d713ee29bd1fe62e06c63c6f6ba3cd6937" vary Accept content-type image/webp x-cache-hit miss x-pmd-smart-cdn-proxy thumbor-proxy-64c799cd7-prgwn alt-svc clear content-length 142810
GET H2	200	GettyImages-1287825479-scaled-e1643765899823.jpg smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/02/	796 KB 798 KB	578ms 536ms	Image image/webp	34.149.157.221 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2022/02/GettyImages-1287825479-scaled-e1643765899823.jpg?quality=100&strip=all Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.157.221 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 221.157.149.34.bc.googleusercontent.com Software nginx/1.19.10 / Resource Hash 4f01f772d0e0b042e1a1dae556230f2743bf08192dfd42cf1bf0583522a6c630 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-pmd-smartcdn-requester torontosun date Thu, 10 Feb 2022 11:22:32 GMT via 1.1 google server nginx/1.19.10 cache-control max-age=2592000,public age 980 etag "364cf37f4d65de496232c68e12f4c45d21dd2390" vary Accept content-type image/webp x-cache-hit hit x-pmd-smart-cdn-proxy thumbor-proxy-64c799cd7-9g44k alt-svc clear content-length 815556
GET H2	200	uber.jpg images.thestar.com/4qAK1CdprwyZVLoJBDkvPUUoaqg=/1200x800/smart/filters:cb(1644446805168)/https://www.thestar.com/content/dam/thestar/news/gta/2022/02/10/a-union-signed-a-deal-with-uber-but-drivers-...	97 KB 98 KB	83ms 19ms	Image image/jpeg	143.204.98.39 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.thestar.com/4qAK1CdprwyZVLoJBDkvPUUoaqg=/1200x800/smart/filters:cb(1644446805168)/https://www.thestar.com/content/dam/thestar/news/gta/2022/02/10/a-union-signed-a-deal-with-uber-but-drivers-have-questions-inside-the-messy-battle-for-the-gig-economy/uber.jpg Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-39.fra50.r.cloudfront.net Software nginx/1.14.0 (Ubuntu) / Resource Hash b3d8114695bcf0adcd00c3af4d0906ecf7f50168143f9774e0884deb5adc7f97 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 10:01:12 GMT via 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront) server nginx/1.14.0 (Ubuntu) age 5860 etag "2764352eaf65d0446e7041c961ad48c53f3e6a90" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=315360000 x-amz-cf-pop FRA50-C1 content-length 99757 x-amz-cf-id moe72lmQWeIMcc4wqi7J3E-MrBDyJn4cVnivcg0aXgKsEMW_lHoSqQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	image.jpg www.ctvnews.ca/polopoly_fs/1.5775670.1644485598!/httpImage/image.jpg_gen/derivatives/landscape_620/	101 KB 101 KB	95ms 22ms	Image image/jpeg	104.70.84.198 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ctvnews.ca/polopoly_fs/1.5775670.1644485598!/httpImage/image.jpg_gen/derivatives/landscape_620/image.jpg Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.70.84.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-70-84-198.deploy.static.akamaitechnologies.com Software / Resource Hash d69264271455554818b268c064fc369f47649600f33323a0282c8d29e751190e Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:52 GMT content-encoding gzip last-modified Thu, 10 Feb 2022 09:33:54 GMT vary Accept-Encoding content-type image/jpeg cache-control public, max-age=31536000, s-maxage=31557600 content-length 103364 expires Fri, 10 Feb 2023 11:38:52 GMT
GET H2	200	CP147005655-e1642015038345.jpg globalnews.ca/wp-content/uploads/2022/01/	13 KB 13 KB	59ms 16ms	Image image/webp	192.0.66.184 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://globalnews.ca/wp-content/uploads/2022/01/CP147005655-e1642015038345.jpg?quality=85&strip=all&w=720&h=379&crop=1 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash d77da8e1601acf4642a0bb75a4f7bd453d7b102fd4a26bd23581bfbc0a180b92 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:52 GMT x-rq hhn2 109 140 443 last-modified Thu, 10 Feb 2022 11:29:25 GMT server nginx etag "37051a128e1b5b81" vary Accept x-cache HIT content-type image/webp cache-control max-age=2592000 strict-transport-security max-age=86400 accept-ranges bytes content-length 12820 expires Fri, 10 Feb 2023 11:29:25 GMT
GET H2	200	debralee-chrisjohn.jpg i.cbc.ca/1.6278242.1639088631!/fileImage/httpImage/image.jpg_gen/derivatives/16x9_620/	12 KB 12 KB	120ms 44ms	Image image/webp	104.89.21.36 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://i.cbc.ca/1.6278242.1639088631!/fileImage/httpImage/image.jpg_gen/derivatives/16x9_620/debralee-chrisjohn.jpg Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.89.21.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-89-21-36.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash 7d93c590c3e6266912f318f4d390477afd6252b90b4dd9c0d6ac60520c893c9f Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:52 GMT cache-control no-transform, max-age=43200 last-modified Thu, 10 Feb 2022 10:00:46 GMT server Akamai Image Manager content-type image/webp content-length 12454 expires Thu, 10 Feb 2022 23:38:52 GMT
GET H2	200	f1e5c-16444749102081-1920.jpg staticg.sportskeeda.com/editor/2022/02/	315 KB 316 KB	101ms 25ms	Image image/webp	2a04:4e42:600::644 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://staticg.sportskeeda.com/editor/2022/02/f1e5c-16444749102081-1920.jpg Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7890896d532ec052994900fbb7a060c62fbbbe3ed34bb5c2e9ea4979d2083e9f Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-gumlet-pc MISS date Thu, 10 Feb 2022 11:38:52 GMT via 1.1 varnish nel {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.001 } x-gumlet-reqid 6204bbaa43bc64053009409a age 15777 x-gumlet-oc HIT x-cache HIT access-control-max-age 1728000 x-gumlet-runtime 0.223 strict-transport-security max-age=31557600 content-length 322686 x-served-by cache-hhn4034-HHN x-timer S1644493132.229562,VS0,VE2 etag bc503471b86ddfd9 vary accept report-to {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]} content-type image/webp access-control-allow-origin * x-fas-reqid 5637a260-8585-4ecd-b33e-b2eb48d80572 cache-control public, max-age=8640000, s-maxage=31536000 accept-ranges bytes access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range x-cache-hits 1
GET H2	200	skysports-leah-galton-manchester-united_5668126.jpg e0.365dm.com/22/02/1600x900/	170 KB 171 KB	255ms 46ms	Image image/jpeg	2a02:26f0:1700:58d::3757 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://e0.365dm.com/22/02/1600x900/skysports-leah-galton-manchester-united_5668126.jpg?20220209172456 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:58d::3757 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software none / Resource Hash ab341bae9e5eee32b1904d0a04d85b3f0ba2c27f4a4c9b94d54c83c74ad21e9c Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains cache-control public, max-age=602724, s-maxage=15552000 server none content-type image/jpeg date Thu, 10 Feb 2022 11:38:52 GMT content-length 174517 expires Thu, 17 Feb 2022 11:04:16 GMT
GET H2	200	Team%20USA%202-9%20GettyImages-ftr.jpg library.sportingnews.com/styles/facebook_1200x630/s3/2022-02/	111 KB 112 KB	127ms 43ms	Image image/jpeg	2606:4700::6812:fd8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://library.sportingnews.com/styles/facebook_1200x630/s3/2022-02/Team%20USA%202-9%20GettyImages-ftr.jpg?itok=nvoh4hmy Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:fd8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 210ad1618534372d1c14e17649f0180e811159fe5c5429b3e966405ee86131a3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Thu, 10 Feb 2022 11:38:52 GMT cf-cache-status HIT age 4345 cf-ray 6db50dbc78568ff4-FRA last-modified Thu, 10 Feb 2022 04:43:32 GMT content-length 113911 x-amz-id-2 tFYVDFm0cwq5Atn016dWVlAFLIt5u2Q86L9yR6Hjyd8cvCVWcq2A571I4FCaOtA1xJ+yyYY8xLo= cf-bgj h2pri server cloudflare etag "cc389e1c02ddfaa27df7c261546d6534" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id H2VEHQDZQ6KCD263 cache-control public, max-age=60 accept-ranges bytes content-type image/jpeg expires Thu, 10 Feb 2022 11:39:52 GMT
GET H2	200	386a0031-0f4f-4fbb-97f9-72bf2f5c9aae.jpg www.ft.com/__origami/service/image/v2/images/raw/https://d1e00ek4ebabms.cloudfront.net/production/	63 KB 63 KB	77ms 18ms	Image image/webp	151.101.2.209 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.ft.com/__origami/service/image/v2/images/raw/https://d1e00ek4ebabms.cloudfront.net/production/386a0031-0f4f-4fbb-97f9-72bf2f5c9aae.jpg?source=next-opengraph&fit=scale-down&width=900 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.209 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash dbea49c7281ffb8eab498cb2aba609337efc9ad80ff859bf38f49c1a4cf61e9f Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload last-modified Thu, 10 Feb 2022 10:18:49 GMT age 4628 etag "b4adb119153d985de0ab2c76eae7d3a9" vary FT-image-format, Content-Dpr, Accept, FT-Site, Accept-Encoding, FT-Site content-type image/webp access-control-allow-origin * cache-control public, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800 date Thu, 10 Feb 2022 11:38:52 GMT server-timing HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1 ft-suppress-friendly-error true ft-image-format webp accept-ranges bytes timing-allow-origin * content-length 64144
GET H/1.1	403 Forbidden	invoke.js www.variouscreativeformats.com/77ee235fe81d94ef090b6ae97b314a54/	0 0	134ms 134ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://www.variouscreativeformats.com/77ee235fe81d94ef090b6ae97b314a54/invoke.js Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://bhutan.kivazen.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Access-Control-Allow-Origin * Date Thu, 10 Feb 2022 11:38:52 GMT Server nginx/1.17.6 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H/1.1	403 Forbidden	invoke.js www.variouscreativeformats.com/0a87b4dc4239a4d2e86a7a861cd68ded/	0 0	126ms 126ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://www.variouscreativeformats.com/0a87b4dc4239a4d2e86a7a861cd68ded/invoke.js Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://bhutan.kivazen.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Access-Control-Allow-Origin * Date Thu, 10 Feb 2022 11:38:52 GMT Server nginx/1.17.6 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H/1.1	403 Forbidden	invoke.js www.variouscreativeformats.com/dedbaaf9ecd7fb5a559b50b57e3a13ca/	0 0	134ms 133ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://www.variouscreativeformats.com/dedbaaf9ecd7fb5a559b50b57e3a13ca/invoke.js Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://bhutan.kivazen.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Access-Control-Allow-Origin * Date Thu, 10 Feb 2022 11:38:52 GMT Server nginx/1.17.6 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	200	g.gif pixel.wp.com/	50 B 116 B	17ms 16ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/g.gif?v=ext&j=1%3A10.6&blog=194712161&post=0&tz=0&srv=bhutan.kivazen.com&host=bhutan.kivazen.com&ref=&fcp=929&rand=0.26771351092423235 Requested by Host: bhutan.kivazen.com URL: https://bhutan.kivazen.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bhutan.kivazen.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers access-control-allow-origin * date Thu, 10 Feb 2022 11:38:52 GMT cache-control no-cache server nginx content-length 50 content-type image/gif

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| _wpemojiSettings undefined| $ function| jQuery object| html5 object| Modernizr object| atOptions object| twemoji object| wp object| fifuImageVars object| observer function| disableClick function| disableLink function| fifu_fix_gallery_height boolean| wpquads_adblocker_check boolean| wpquads_adblocker_check_2 object| _stq function| st_go function| linktracker_init object| wpcom

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bhutan.kivazen.com/	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://bhutan.kivazen.com/(Line 97) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.variouscreativeformats.com/8028ee8096899b90c29132d154655901/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://bhutan.kivazen.com/(Line 97) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.variouscreativeformats.com/8028ee8096899b90c29132d154655901/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.variouscreativeformats.com/8028ee8096899b90c29132d154655901/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://bhutan.kivazen.com/(Line 108) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.variouscreativeformats.com/3e2d1f059724fcd151b055d65ded1cd6/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://bhutan.kivazen.com/(Line 108) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.variouscreativeformats.com/3e2d1f059724fcd151b055d65ded1cd6/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.variouscreativeformats.com/3e2d1f059724fcd151b055d65ded1cd6/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://bhutan.kivazen.com/(Line 327) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.variouscreativeformats.com/77ee235fe81d94ef090b6ae97b314a54/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://bhutan.kivazen.com/(Line 327) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.variouscreativeformats.com/77ee235fe81d94ef090b6ae97b314a54/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.variouscreativeformats.com/77ee235fe81d94ef090b6ae97b314a54/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://bhutan.kivazen.com/(Line 336) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.variouscreativeformats.com/0a87b4dc4239a4d2e86a7a861cd68ded/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://bhutan.kivazen.com/(Line 336) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.variouscreativeformats.com/0a87b4dc4239a4d2e86a7a861cd68ded/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.variouscreativeformats.com/0a87b4dc4239a4d2e86a7a861cd68ded/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://bhutan.kivazen.com/(Line 353) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.variouscreativeformats.com/dedbaaf9ecd7fb5a559b50b57e3a13ca/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://bhutan.kivazen.com/(Line 353) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.variouscreativeformats.com/dedbaaf9ecd7fb5a559b50b57e3a13ca/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.variouscreativeformats.com/dedbaaf9ecd7fb5a559b50b57e3a13ca/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bhutan.kivazen.com
e0.365dm.com
fonts.googleapis.com
fonts.gstatic.com
globalnews.ca
i.cbc.ca
images.thestar.com
library.sportingnews.com
pixel.wp.com
smartcdn.gprod.postmedia.digital
staticg.sportskeeda.com
stats.wp.com
www.ctvnews.ca
www.ft.com
www.variouscreativeformats.com
104.70.84.198
104.89.21.36
143.204.98.39
151.101.2.209
151.106.104.248
192.0.66.184
192.0.76.3
192.243.59.12
2606:4700::6812:fd8
2a00:1450:4001:828::2003
2a00:1450:4001:830::200a
2a02:26f0:1700:58d::3757
2a04:4e42:600::644
34.149.157.221
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
07a442bcbe2faa41bf1f585c7c772be2a8918f9afd0f5526eb4956562d5e6f8c
1021efafbf9b43acf446f436556222d910e0d86d09d796b6fb16101efedffa22
145be70fd905c5cc59d56e258fd4dfa5758d20b2829a76552a32ca32c63e9291
210ad1618534372d1c14e17649f0180e811159fe5c5429b3e966405ee86131a3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cb3cd0ca0d3d8ece245e8ddea668ccfaeb682731a9dbb6b24df278e5617bf0d
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5
4f01f772d0e0b042e1a1dae556230f2743bf08192dfd42cf1bf0583522a6c630
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
7890896d532ec052994900fbb7a060c62fbbbe3ed34bb5c2e9ea4979d2083e9f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79ab1fa28942097af81fa786f8b9e83f274e65abb3f96e7046038508f251f290
7d93c590c3e6266912f318f4d390477afd6252b90b4dd9c0d6ac60520c893c9f
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8c10ce32c6b4b1cdf1305234dbe828c4f67b8212273b82968f6abd2f8225b141
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
a0dc9cf10ad914de462400d2d6a8b840c69fe17aba496ceb16317c7c9123898a
ab341bae9e5eee32b1904d0a04d85b3f0ba2c27f4a4c9b94d54c83c74ad21e9c
b3d8114695bcf0adcd00c3af4d0906ecf7f50168143f9774e0884deb5adc7f97
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b862b809cfe4835b1795ec5788bf374bac716aa66c941f5170fb1f500a04c56d
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
d69264271455554818b268c064fc369f47649600f33323a0282c8d29e751190e
d77da8e1601acf4642a0bb75a4f7bd453d7b102fd4a26bd23581bfbc0a180b92
dbea49c7281ffb8eab498cb2aba609337efc9ad80ff859bf38f49c1a4cf61e9f
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1