www.deivan.tk Open in urlscan Pro
2a00:1450:400c:c0d::79 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.deivan.tk/
Submission: On September 16 via manual (September 16th 2022, 1:48:29 pm UTC) from VE — Scanned from DE

Summary HTTP 62 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 14 domains to perform 62 HTTP transactions. The main IP is 2a00:1450:400c:c0d::79, located in Brussels, Belgium and belongs to GOOGLE, US. The main domain is www.deivan.tk.
TLS certificate: Issued by GTS CA 1D4 on August 23rd 2022. Valid for: 3 months.

This is the only time www.deivan.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a00:1450:400... 2a00:1450:400c:c0d::79	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2606:50c0:800... 2606:50c0:8002::153	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:802::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
62	15

3 2a00:1450:400c:c0d::79 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

www.deivan.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)

h.mrjaz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 14465	2 MB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	274 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	10 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 209	219 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	deivan.tk www.deivan.tk	52 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9081	914 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	642 B
1	gstatic.com fonts.gstatic.com	37 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 392	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	42 KB
1	blogger.com www.blogger.com — Cisco Umbrella Rank: 8716	56 KB
1	mrjaz.com h.mrjaz.com	606 B
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 797	12 KB
62	14

	Domain	Requested by
24	blogger.googleusercontent.com	www.deivan.tk
7	pagead2.googlesyndication.com	www.deivan.tk pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	cdnjs.cloudflare.com	www.deivan.tk
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.deivan.tk	www.deivan.tk cdnjs.cloudflare.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.gstatic.com	www.deivan.tk
1	cdn.jsdelivr.net	www.deivan.tk
1	www.googletagmanager.com	www.deivan.tk
1	www.blogger.com	www.deivan.tk
1	h.mrjaz.com	www.deivan.tk
1	unpkg.com	www.deivan.tk
62	16

This site contains links to these domains. Also see Links.

Domain
www.am2z.com
www.mrjaz.com
templatetoy.mrjaz.com
sohanisharma.com
templatefly.mrjaz.com
www.youtube.com
www.blogger.com

Subject Issuer	Validity	Valid
www.deivan.tk GTS CA 1D4	`2022-08-23` - `2022-11-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
h.mrjaz.com R3	`2022-07-25` - `2022-10-23`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.deivan.tk/
Frame ID: E9EA33FEB7D5CEAAA22783476771A846
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
Frame ID: D90C00303F89D1B4DE169E1AEB91B81B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6471914938693192&output=html&adk=1812271804&adf=3025194257&lmt=1663286425&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.deivan.tk%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663336103436&bpp=2&bdt=575&idt=214&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5254479977798&frm=20&pv=2&ga_vid=533074529.1663336104&ga_sid=1663336104&ga_hid=1316628783&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069510%2C42531706&oid=2&pvsid=2887970410834924&tmod=1204716317&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=231
Frame ID: 8ACA5D83430B6027361874886F4CFC32
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6471914938693192&output=html&h=280&slotname=9496005704&adk=24353586&adf=2029293275&pi=t.ma~as.9496005704&w=1110&fwrn=4&fwrnh=100&lmt=1663286425&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.deivan.tk%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663336103438&bpp=2&bdt=577&idt=236&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5254479977798&frm=20&pv=1&ga_vid=533074529.1663336104&ga_sid=1663336104&ga_hid=1316628783&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069510%2C42531706&oid=2&pvsid=2887970410834924&tmod=1204716317&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=krmaXwDBJQ&p=https%3A//www.deivan.tk&dtd=240
Frame ID: B2C9B86B82B14446EFFDE4D182868467
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6471914938693192&output=html&h=280&slotname=6231370504&adk=1316635141&adf=2746222230&pi=t.ma~as.6231370504&w=1110&fwrn=4&fwrnh=100&lmt=1663286425&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.deivan.tk%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663336103440&bpp=1&bdt=579&idt=242&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5254479977798&frm=20&pv=1&ga_vid=533074529.1663336104&ga_sid=1663336104&ga_hid=1316628783&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=948&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069510%2C42531706&oid=2&pvsid=2887970410834924&tmod=1204716317&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TgIPO3VVGQ&p=https%3A//www.deivan.tk&dtd=245
Frame ID: 0256786F48FEE0A3F0A3760EF550F284
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6471914938693192&output=html&h=280&slotname=5349689205&adk=3665059778&adf=1563699986&pi=t.ma~as.5349689205&w=1110&fwrn=4&fwrnh=100&lmt=1663286425&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.deivan.tk%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663336103441&bpp=1&bdt=580&idt=248&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C1110x280&nras=1&correlator=5254479977798&frm=20&pv=1&ga_vid=533074529.1663336104&ga_sid=1663336104&ga_hid=1316628783&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069510%2C42531706&oid=2&pvsid=2887970410834924&tmod=1204716317&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YX1hXQoQ51&p=https%3A//www.deivan.tk&dtd=250
Frame ID: B0ED2F5524F52AD0DDB87A8D05CC2688
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6471914938693192&output=html&h=280&adk=2834853187&adf=3262027039&pi=t.aa~a.1095268879~rp.1&w=490&fwrn=4&fwrnh=100&lmt=1663286425&rafmt=1&to=qs&pwprc=3977743074&psa=0&format=490x280&url=https%3A%2F%2Fwww.deivan.tk%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663336103829&bpp=1&bdt=968&idt=1&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28648f037bf53a77-22c2374c24ce0014%3AT%3D1663336103%3ART%3D1663336103%3AS%3DALNI_MbR-fhONeZzpgF4NpcgkBkTjo_u3Q&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=5254479977798&frm=20&pv=1&ga_vid=533074529.1663336104&ga_sid=1663336104&ga_hid=1316628783&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=3263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069510%2C42531706&oid=2&pvsid=2887970410834924&tmod=1204716317&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iaocIOEPVS&p=https%3A//www.deivan.tk&dtd=5
Frame ID: DFDC2DB1ABEAA68A37FDDE1C2F65D195
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0C70EC88B0CC978275DA6E0EB08A8C02
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 621EF00F5C2E03F458A42D62E2202D9E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DEIVAN

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

62
Requests

98 %
HTTPS

93 %
IPv6

14
Domains

16
Subdomains

15
IPs

3
Countries

2624 kB
Transfer

3672 kB
Size

2
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.am2z.com/
Title: Am2z.com

Search URL Search Domain Scan URL

URL: https://www.mrjaz.com/
Title: MrJaz.com

Search URL Search Domain Scan URL

URL: https://templatetoy.mrjaz.com/
Title: MrJaz.com

Search URL Search Domain Scan URL

URL: https://sohanisharma.com/
Title: Sohani Sharma/a>

Search URL Search Domain Scan URL

URL: https://templatefly.mrjaz.com/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UChzMQ3Hdot3KP8h6SIQKETg
Title: Ver aqui

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.deivan.tk/ 169 KB
40 KB 608ms
471ms Document
text/html 2a00:1450:400c:c0d::79
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::79 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c08b22f5b502286e22243249bcef7a05952dca7fa70a5ec3b36eb734745c2f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 40482
content-type: text/html; charset=UTF-8
date: Fri, 16 Sep 2022 13:48:22 GMT
etag: W/"cda933cb086a1dfa7bee3eef24f15fd0c9632fe8b31272187efdb434896772b1"
expires: Fri, 16 Sep 2022 13:48:22 GMT
last-modified: Fri, 16 Sep 2022 00:00:25 GMT
server: GSE
x-content-type-options: nosniff
x-robots-tag: all,noodp
x-xss-protection: 1; mode=block

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ 58 KB
11 KB 67ms
24ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 143331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10472
timing-allow-origin: *
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7431-e7d0"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZBTFUxp%2F9vRDXgJ9vsdAC8KSHJikekVXvARsYtxWUFgx3tqLOPtJqgofCg26PyoU2qsP3uo7%2B3JqUCGIszGlywTEe7%2B%2Brxx70bKbxVyOobkFArC%2BuNiSPrar6TAS3DS9KHdVIBz8LCZv01v919SqSPN"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74ba0f3359348ffe-FRA
expires: Wed, 06 Sep 2023 13:48:22 GMT

GET
H2 200 boxicons.min.css
unpkg.com/boxicons@2.1.2/css/ 65 KB
12 KB 79ms
34ms Stylesheet
text/css 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/boxicons@2.1.2/css/boxicons.min.css

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b29cd63064611eeb851354145a1c984fe883d87971b53105206ad1d5da3de824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:22 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16651176
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1040b-st8SVFhWC0QWHIN1iDcT6zrpEwU"
fly-request-id: 01FXK13VT4ZHGBSE1GHYV7G6RV-fra
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74ba0f335f15bb85-FRA

GET font-awesome.min.css
www.deivan.tk/path/to/font-awesome/css/ 0
0

GET
H2 200 fontawesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 57 KB
10 KB 70ms
27ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/fontawesome.min.css

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1280730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10256
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-e238"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5WpX3zTeoB3c7M4tfZtVTwkHtl7eCfL56%2BK7rGVLdb0A8Kd4UUTWkOjftVh9XnNw4lWP3Bd4W%2FnRBGpSMS6uZFGD1cOeo2cbNhvnI6X1Pcco2urio9SHPvE0WQfq5l7obuE4p%2FC7rWg8cWQfjXsoutR"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74ba0f3359388ffe-FRA
expires: Wed, 06 Sep 2023 13:48:22 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
57 KB 186ms
124ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af9fd4cd346bd911281330b073bbd9bf70c7a3fad045be5a5954e26e36388db6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58014
x-xss-protection: 0
server: cafe
etag: 12716659044229903627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Sep 2022 13:48:23 GMT

GET
H2 200 AVvXsEhGAQFPDW_9IMBQmJcqpQkJ3cPCWk_1R9CLVyLncrt1STW0-xouZrvRXiu1-1To-29MNBsZQ1qXeCutI-E8av-tEEJe6cqv0nJes3P7G6aFngT1ILQrIIW6S11N0EKKuNtEQYmnKDRrsJ_cKN5eFuUrsldDWsF4iTMD6mVpAizIF53XxS0QyU_gpPfuOg=s313
blogger.googleusercontent.com/img/a/ 9 KB
10 KB 384ms
333ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEhGAQFPDW_9IMBQmJcqpQkJ3cPCWk_1R9CLVyLncrt1STW0-xouZrvRXiu1-1To-29MNBsZQ1qXeCutI-E8av-tEEJe6cqv0nJes3P7G6aFngT1ILQrIIW6S11N0EKKuNtEQYmnKDRrsJ_cKN5eFuUrsldDWsF4iTMD6mVpAizIF53XxS0QyU_gpPfuOg=s313

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1e9816f027f765cd88cbf5b6bc87ca41c2b9cec7605afc9e0f1754d23c1c15e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v476"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LOGO.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9598
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:23 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
57 KB 131ms
70ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6471914938693192

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e2656cf69682e899e2d7d79a3ac59ac752cd732e41f402ea2acf5969beae434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deivan.tk/
Origin: https://www.deivan.tk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57992
x-xss-protection: 0
server: cafe
etag: 14018354627958047481
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Sep 2022 13:48:23 GMT

GET
H2 200 bh.js Show response
h.mrjaz.com/ 408 B
606 B 129ms
37ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://h.mrjaz.com/bh.js
Requested by: Host: www.deivan.tk
URL: https://www.deivan.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: e49d8cc28350777ad25fa4d26fe21150fcba71ee9d23158aff0843368cc78904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id: 34161aed53271f4d85fdd452d656640d2f4d8ae2
date: Fri, 16 Sep 2022 13:48:23 GMT
content-encoding: gzip
age: 347
x-cache: HIT
content-length: 224
x-served-by: cache-ams21025-AMS
access-control-allow-origin: *
last-modified: Thu, 08 Sep 2022 13:58:05 GMT
server: GitHub.com
x-github-request-id: 5D0C:15D9:FF801:105CD9:6319F60B
x-timer: S1663336103.080866,VS0,VE1
etag: W/"6319f4ed-198"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Thu, 08 Sep 2022 14:11:13 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: HIT
x-cache-hits: 1

GET
H2 200 AVvXsEhJ3pC5M590iU5f5rraUXJVzhzLCZSoxYQS4ttS65z-DDf3Me42wiMwoHlSXQEF902QHMX6kVomjl9jGHFevt0uyfEhUl-QrnP1d6bHPEWy_zGJd0l4C2Ca6KJdcxWxpASFoLYsgtZFZKE-mYJ9-keWbVSWI40PSy6E2uuVOu99T9xPODv86vtVXBm1QA=s313
blogger.googleusercontent.com/img/a/ 2 KB
2 KB 489ms
439ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEhJ3pC5M590iU5f5rraUXJVzhzLCZSoxYQS4ttS65z-DDf3Me42wiMwoHlSXQEF902QHMX6kVomjl9jGHFevt0uyfEhUl-QrnP1d6bHPEWy_zGJd0l4C2Ca6KJdcxWxpASFoLYsgtZFZKE-mYJ9-keWbVSWI40PSy6E2uuVOu99T9xPODv86vtVXBm1QA=s313

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a50eb28c382d15b4e062beb3106960cedc556d48bed02d6aac37b8009a70e721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v471"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DEOAOSDA.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2404
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:23 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 26ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 676342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27958
timing-allow-origin: *
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eug9Od3Sa%2BZ1WXH1HQMewWO8IKAv%2FTZ7FZwazFzGPS6qsIuwx7ShhA4Osd5FLNRUC2rfW8KkFfnNLTnwzn4oKrt%2BVTV4NXzWUdUC8j%2B62c919NBbnvhkGMDy7ptD38CST28JxEZEuKfsVh6z6e3fZiMw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74ba0f346b028ffe-FRA
expires: Wed, 06 Sep 2023 13:48:23 GMT

GET
H2 200 cookienotice.js Show response
www.deivan.tk/js/ 6 KB
2 KB 30ms
29ms Script
text/javascript 2a00:1450:400c:c0d::79
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deivan.tk/js/cookienotice.js

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::79 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Sep 2022 12:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 23 Sep 2022 13:48:23 GMT

GET
H2 200 3753684042-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
56 KB 102ms
21ms Script
text/javascript 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3753684042-widgets.js

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 12:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57039
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 20:54:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 16 Sep 2023 12:21:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 80ms
33ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-212295892-1

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

229891a72424f2cd8f3cf753a5c0b0268a71783b5bc83ac4be73e5a11ddd4128

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42368
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Sep 2022 13:48:23 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 81ms
34ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11936
x-jsd-version: 3.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19145-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bneSkN%2BgOYcitklli0GYBs9v9jilGR5bC0CthCZ2cqVD8WA0x7pyDjyyOOqEjyLsKtX49iaw%2B%2FofXi2RhHvineL6gaH2KadQS%2FVb7QMBEshDjCv6SJC3SnjyHRGxYwgTy%2B2gJg8lrJW4qRuLpzk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 74ba0f35b8aa9c0a-FRA

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 13 KB
14 KB 53ms
29ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.deivan.tk/
Origin: https://www.deivan.tk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 677429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13548
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-34ec"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEaMrcj3C8s7FtW7IafqYtMwSVyDY9EmpttdaASroilpSXI0Dvdv8seDK96l6p6vUVtbv%2B1cHFnHqASUSmy%2B0kxexglCpmMOHw%2FJX21uCh8TgaXGOBnxObHLwWv3wSMLH8HKtdNXstSAeZy1meiXJCbv"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74ba0f35ace59a03-FRA
expires: Wed, 06 Sep 2023 13:48:23 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 78 KB
79 KB 72ms
50ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.deivan.tk/
Origin: https://www.deivan.tk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7919101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80300
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-139ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCtOX37jqTrUIzDFo1bFr5l%2FQVJb7U0kWcPcbxmcwYI67Z72yEPqaIk25d5GMNo4R80kuFHZ2pwX5HlrI0hvytI0q%2BikdpUzBaie4WUkvPlnHBoRjq0EdouFfbYlR1CdRfxKSSiV2Izh0dckJvh0NOU0"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74ba0f35ace79a03-FRA
expires: Wed, 06 Sep 2023 13:48:23 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v2/ 36 KB
37 KB 68ms
20ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v2/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f2ff871cd7f284064ca188d22dd0b8f2abb173b4f3cb03a7487d23717273021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deivan.tk/
Origin: https://www.deivan.tk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 07:13:14 GMT
x-content-type-options: nosniff
age: 23709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36740
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 02:37:09 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 16 Sep 2023 07:13:14 GMT

GET
H2 200 default Show response
www.deivan.tk/feeds/posts/ 62 KB
10 KB 273ms
273ms XHR
application/json 2a00:1450:400c:c0d::79
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deivan.tk/feeds/posts/default?alt=json&max-results=5

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::79 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

573f8fbff36b2f453387a7f5f1009c77f4ca60d8169b32976705d5dcf1174eea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.deivan.tk/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Sep 2022 00:00:25 GMT
server: blogger-renderd
etag: W/"4a0a5571cbfebb3f63964ec116ca6ab04bab7c9646f7b8fdd8ff9df25b5d980b"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 10110
x-xss-protection: 0
expires: Fri, 16 Sep 2022 13:48:24 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 77 KB
77 KB 55ms
55ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.deivan.tk/
Origin: https://www.deivan.tk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 139219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78460
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-1327c"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhA2ow59AUjHIxuTEGcu8YO3E4gmMEt2Orok7PwfeirlKqIlVpuU5%2FLaus%2Bt4jqwNOt482JLe3vgIt76XDUz9Q7bRNKp5STDerWxIWBo35jDCOezLVXob34kpn11k9DwjCDWQ00afBInZRPlpK0wOnq4"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74ba0f35ed419a03-FRA
expires: Wed, 06 Sep 2023 13:48:23 GMT

GET
H2 200 B72B794F-6C87-4E7A-9648-8A77B94A28BE.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzDDUJHzvBKQAq-N2TTkYNzVEEnL2sGE-pb85P3hG-1vCPOK5to2Mmui6g3PLY3HfNAkmMj6UQ7L5rBhYJ_ZYcCIPd-OQRkt_idxIQk7033UEQH1CUZzLEbyQXiX27UDKNGC0bpg96nxy8r2nl... 163 KB
164 KB 632ms
630ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzDDUJHzvBKQAq-N2TTkYNzVEEnL2sGE-pb85P3hG-1vCPOK5to2Mmui6g3PLY3HfNAkmMj6UQ7L5rBhYJ_ZYcCIPd-OQRkt_idxIQk7033UEQH1CUZzLEbyQXiX27UDKNGC0bpg96nxy8r2nlNBGppSHjKnLLctNKK6_EkO3AyS0CotB9DkU6j3awuw/w759-h468-p-k-no-nu/B72B794F-6C87-4E7A-9648-8A77B94A28BE.jpeg

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

94f632c642928245e3759d7565416c2594ce030f33ce7913a93d853e1e45966b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v486"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="B72B794F-6C87-4E7A-9648-8A77B94A28BE.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 167203
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:23 GMT

GET
H2 200 WhatsApp%20Image%202022-07-16%20at%202.33.46%20PM.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWc542jZYwv1Km773HVGs9Eo4QWkjpFRqWCziNR3M4RPeD6Ki4PfSDMqW4UVIBdhxATqX8BFn9r3qdP1E6qb3RYoxjUqsqjsNonY_yKN_eypcLyEZ0NGqqhOrr1AU9Jtz1VqJnUB40HNMQTmJT... 56 KB
56 KB 680ms
678ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWc542jZYwv1Km773HVGs9Eo4QWkjpFRqWCziNR3M4RPeD6Ki4PfSDMqW4UVIBdhxATqX8BFn9r3qdP1E6qb3RYoxjUqsqjsNonY_yKN_eypcLyEZ0NGqqhOrr1AU9Jtz1VqJnUB40HNMQTmJTu8XxWY-v1aQs1rlhATqF3PWwAXZtqX9OpGqcxgXbQg/w440-h228-p-k-no-nu/WhatsApp%20Image%202022-07-16%20at%202.33.46%20PM.jpeg

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b375e0c0a8c93d1d71af358f31f3f78894ae715ddb360cf56793eebe36682ef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v45a"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WhatsApp Image 2022-07-16 at 2.33.46 PM.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57487
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:24 GMT

GET
H2 200 WhatsApp%20Image%202022-07-16%20at%202.33.46%20PM.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEie8dOK8gqPM5aU5yP89__ZKoUBBBDaPzVfTCSawS9Wrf5K89KM36FHZiCz3UvIgDrU0YAB6ufMttUp7XAYjeBtNRsb83qNwycrTQsyttSHKaH4DMWAbI2F89oj-Ja6ua9-P9x92mChx_fICyZH... 53 KB
53 KB 616ms
614ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEie8dOK8gqPM5aU5yP89__ZKoUBBBDaPzVfTCSawS9Wrf5K89KM36FHZiCz3UvIgDrU0YAB6ufMttUp7XAYjeBtNRsb83qNwycrTQsyttSHKaH4DMWAbI2F89oj-Ja6ua9-P9x92mChx_fICyZH5Fmv-nQ_Hk1t3VxkrcKdQ3iLhvI-EE4Q-peDD0STDw/w440-h217-p-k-no-nu/WhatsApp%20Image%202022-07-16%20at%202.33.46%20PM.jpeg

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ec891d4467e9879166a9edee17493598013626d3e70acfeb14c17f371413afe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v45c"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WhatsApp Image 2022-07-16 at 2.33.46 PM.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53808
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:23 GMT

GET
H2 200 B72B794F-6C87-4E7A-9648-8A77B94A28BE.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzDDUJHzvBKQAq-N2TTkYNzVEEnL2sGE-pb85P3hG-1vCPOK5to2Mmui6g3PLY3HfNAkmMj6UQ7L5rBhYJ_ZYcCIPd-OQRkt_idxIQk7033UEQH1CUZzLEbyQXiX27UDKNGC0bpg96nxy8r2nl... 59 KB
59 KB 1271ms
1269ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzDDUJHzvBKQAq-N2TTkYNzVEEnL2sGE-pb85P3hG-1vCPOK5to2Mmui6g3PLY3HfNAkmMj6UQ7L5rBhYJ_ZYcCIPd-OQRkt_idxIQk7033UEQH1CUZzLEbyQXiX27UDKNGC0bpg96nxy8r2nlNBGppSHjKnLLctNKK6_EkO3AyS0CotB9DkU6j3awuw/w363-h231-p-k-no-nu/B72B794F-6C87-4E7A-9648-8A77B94A28BE.jpeg

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c8396c19f652312b82baee7301cc1bf0aef2ff3114ead581e5c595bd496c4223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v486"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="B72B794F-6C87-4E7A-9648-8A77B94A28BE.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60569
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:24 GMT

GET
H2 200 WhatsApp%20Image%202022-07-16%20at%202.33.46%20PM.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEie8dOK8gqPM5aU5yP89__ZKoUBBBDaPzVfTCSawS9Wrf5K89KM36FHZiCz3UvIgDrU0YAB6ufMttUp7XAYjeBtNRsb83qNwycrTQsyttSHKaH4DMWAbI2F89oj-Ja6ua9-P9x92mChx_fICyZH... 50 KB
50 KB 600ms
598ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEie8dOK8gqPM5aU5yP89__ZKoUBBBDaPzVfTCSawS9Wrf5K89KM36FHZiCz3UvIgDrU0YAB6ufMttUp7XAYjeBtNRsb83qNwycrTQsyttSHKaH4DMWAbI2F89oj-Ja6ua9-P9x92mChx_fICyZH5Fmv-nQ_Hk1t3VxkrcKdQ3iLhvI-EE4Q-peDD0STDw/w363-h231-p-k-no-nu/WhatsApp%20Image%202022-07-16%20at%202.33.46%20PM.jpeg

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

890a80f2b5ea18dc0ae1614ed9cd18df239c193d3654fb7dfb98070407d5fb91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v45c"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WhatsApp Image 2022-07-16 at 2.33.46 PM.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50965
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:23 GMT

GET
H2 200 AAF346B4-F1B3-4209-835B-ACB97DF2212C.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBjLSczMoYDUb2bu010BjB_A-de7wnpKb2QV26ZExQ3X2wtjCxCO1th4fIvBY4GTaFyU229Hn9EqY5WmVTfyyZ5bkGt_5NVfh42mrXPXlhs3H3xuzOu2Pd7Qd1BXv7vn63gLqhMV7T11DldsAm... 43 KB
43 KB 581ms
580ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBjLSczMoYDUb2bu010BjB_A-de7wnpKb2QV26ZExQ3X2wtjCxCO1th4fIvBY4GTaFyU229Hn9EqY5WmVTfyyZ5bkGt_5NVfh42mrXPXlhs3H3xuzOu2Pd7Qd1BXv7vn63gLqhMV7T11DldsAmV6t9hCp5AiA7M4A9xDmygFviDzIXqONw3fxo2pBZYw/w363-h231-p-k-no-nu/AAF346B4-F1B3-4209-835B-ACB97DF2212C.jpeg

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

581925cea5045529814dab10b5242f1c858f8dcb90f0a0c17dfb9a7aa40987b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v413"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="AAF346B4-F1B3-4209-835B-ACB97DF2212C.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44298
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:23 GMT

GET
H2 200 58160D15-52F3-4602-8453-8BF579B897B8.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkoQHRPC56cJH_VNtHC2wZne7qUsa2RgGMOhugS1HoxVazkvf0D8Hs_BsiDpVh9YbUCLmL0CjhKB7Mumm-ugbgYF8u0_VxpRNt8j4Z6RQeP6T4V2F7hBfj0N1FIXXGEZ-JJTopV06iI-QsC31_... 37 KB
37 KB 629ms
628ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkoQHRPC56cJH_VNtHC2wZne7qUsa2RgGMOhugS1HoxVazkvf0D8Hs_BsiDpVh9YbUCLmL0CjhKB7Mumm-ugbgYF8u0_VxpRNt8j4Z6RQeP6T4V2F7hBfj0N1FIXXGEZ-JJTopV06iI-QsC31_w2P-SyvqxZB709qCXHsl92bZvE9sRxmYuDAi-ayCag/w363-h231-p-k-no-nu/58160D15-52F3-4602-8453-8BF579B897B8.jpeg

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a1baf979898c80b5b40956a45cee0c403d23d0b9456a23c831a31cc63a327aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v41b"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="58160D15-52F3-4602-8453-8BF579B897B8.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37913
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:23 GMT

GET
H2 200 BC40DA82-B1CB-4A41-B676-9F00312C7856.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiK-hYm-_Y1_etfJmtH7S36UmYF_OdzDle5j4U5MANnq9l7sXRUftqKjqqMkdmByyHzVILdqGwMdSXnrNQmd196t8LHN1KT35U6zSYWb53Ip_hWyLr_th6I4OGufQEdYetgDLlJTA1hashc72UU... 52 KB
52 KB 547ms
547ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiK-hYm-_Y1_etfJmtH7S36UmYF_OdzDle5j4U5MANnq9l7sXRUftqKjqqMkdmByyHzVILdqGwMdSXnrNQmd196t8LHN1KT35U6zSYWb53Ip_hWyLr_th6I4OGufQEdYetgDLlJTA1hashc72UUfd03VurEsTSEiZuH-25omjE0Gflj4x7nYkIeha1niA/w363-h231-p-k-no-nu/BC40DA82-B1CB-4A41-B676-9F00312C7856.jpeg

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

40b892231e004e1f954fbc99e0953a4c6029fa3957e758f86e64ec280bbab9fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v40b"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BC40DA82-B1CB-4A41-B676-9F00312C7856.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53397
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:23 GMT

GET
H2 200 60CF25F0-C30B-4D8C-8626-F9CAC6206292.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmi2DxgtKoiXKLtAP5eOsk3cFqU7Z1i2Wodig74kaxjT8CzmPFHzHuvNmRPmy_NKovQ05nPdvzEkOBibJEqi-qK6XQmnbmDmIf_xkIedkRdtwaezXXdcmuiaIj91ldylFd7o78iSKfo74l9bSR... 56 KB
56 KB 736ms
736ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmi2DxgtKoiXKLtAP5eOsk3cFqU7Z1i2Wodig74kaxjT8CzmPFHzHuvNmRPmy_NKovQ05nPdvzEkOBibJEqi-qK6XQmnbmDmIf_xkIedkRdtwaezXXdcmuiaIj91ldylFd7o78iSKfo74l9bSRkZFl1oNymMYL5aKNi-TTiQFAKU9VrIBGYM9QJ4EeXg/w363-h231-p-k-no-nu/60CF25F0-C30B-4D8C-8626-F9CAC6206292.jpeg

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

88869a6b72a31cecfe76385f942af0bb5973686012c53a9bee562bcaeeba5d0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v3fd"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="60CF25F0-C30B-4D8C-8626-F9CAC6206292.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57704
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:24 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 346 KB
122 KB 117ms
75ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6471914938693192&plah=www.deivan.tk

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6471914938693192

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e54cf54044e468826bde311710e96cac79ce702ecca83a3eb30b2f630625c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124738
x-xss-protection: 0
server: cafe
etag: 17679908310944469603
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Sep 2022 13:48:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/ Frame D90C 10 KB
5 KB 25ms
24ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6471914938693192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deivan.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 46738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 00:49:25 GMT
etag: 9671129459699598864
expires: Fri, 30 Sep 2022 00:49:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 B72B794F-6C87-4E7A-9648-8A77B94A28BE.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzDDUJHzvBKQAq-N2TTkYNzVEEnL2sGE-pb85P3hG-1vCPOK5to2Mmui6g3PLY3HfNAkmMj6UQ7L5rBhYJ_ZYcCIPd-OQRkt_idxIQk7033UEQH1CUZzLEbyQXiX27UDKNGC0bpg96nxy8r2nl... 942 KB
943 KB 381ms
379ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

26e577d0d924656883fe18d42985dfedcbbe094d6227778b722bb59e666b5f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v486"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="B72B794F-6C87-4E7A-9648-8A77B94A28BE.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 965115
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:23 GMT

GET
H2 200 flyer%201.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7KJfE_TOlOyrmTsmQT9SEREcnFvUDAz29VFu4Ag3cGiM11KtcMO7Baw8fYAI58BrqD0IAi6mnlXQH_Kvnr30CqYc6Gh1NWl_a5NgoXMNdjK2oaS5xFcYB54-vCYvjNNQWvcFLcNFmqRCnctWk... 33 KB
33 KB 337ms
334ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7KJfE_TOlOyrmTsmQT9SEREcnFvUDAz29VFu4Ag3cGiM11KtcMO7Baw8fYAI58BrqD0IAi6mnlXQH_Kvnr30CqYc6Gh1NWl_a5NgoXMNdjK2oaS5xFcYB54-vCYvjNNQWvcFLcNFmqRCnctWkcn34DvOcCwgmLgScHX40nekDevbNBzfsWY2oJi29Iw/s16000/flyer%201.png

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

db4bfe2ddd60b83b5bb1095264ce5c7086d94e5cbc8a2b4347045ed3c05dc463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v48a"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="flyer 1.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33388
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:23 GMT

GET
H2 200 FLYER%202.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqCZCG33mp1nxoMDFKTZjEJrIUQYZAeLEOK7h-pa1Ay1TRj5GEcR8ENjdW45wj14XFDhRh0iCjS4pGsgyYmR5rSLT4FgLurjkn0Xj_EXr3H9Ijh8mo47mDcebLRjZTOnrSzbucj8rSys9IXyPH... 63 KB
63 KB 357ms
354ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqCZCG33mp1nxoMDFKTZjEJrIUQYZAeLEOK7h-pa1Ay1TRj5GEcR8ENjdW45wj14XFDhRh0iCjS4pGsgyYmR5rSLT4FgLurjkn0Xj_EXr3H9Ijh8mo47mDcebLRjZTOnrSzbucj8rSys9IXyPHA_xbn1Uu2a1qG8Hv4I3VlPEqHyAiPOLZZsDokYX5Og/s16000/FLYER%202.png

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f0ea4f6d65ae6623376327de215e9858b85dedb9c23da744f60622ba6e720ac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v480"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FLYER 2.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64745
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:23 GMT

GET
H2 200 FLYER%203.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6tGm1Y1NS0oZ_9nOIu2_uApvZQ6M4cYDurquMSs6T8ua5Osp9LI9fiB5IZUtAUfx0b5xvXt__K86-ODkZzz9hV_9jfpGIhfURi7W8t_z_DA8ElUXIS0qo9WPFrInTgD7xj11Zr5Kzp2VG3IAY... 38 KB
38 KB 375ms
373ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6tGm1Y1NS0oZ_9nOIu2_uApvZQ6M4cYDurquMSs6T8ua5Osp9LI9fiB5IZUtAUfx0b5xvXt__K86-ODkZzz9hV_9jfpGIhfURi7W8t_z_DA8ElUXIS0qo9WPFrInTgD7xj11Zr5Kzp2VG3IAYY9lXBo24BGUuhuwVuzvRKNS0tVKXITj3lxlohkB-fw/s16000/FLYER%203.png

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5d8211d4be0c9a0ae2909b23ce941512ba6f38929589bdab503f092e244ae457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v482"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FLYER 3.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38582
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:23 GMT

GET
H2 200 WhatsApp%20Image%202022-07-16%20at%202.33.46%20PM.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEie8dOK8gqPM5aU5yP89__ZKoUBBBDaPzVfTCSawS9Wrf5K89KM36FHZiCz3UvIgDrU0YAB6ufMttUp7XAYjeBtNRsb83qNwycrTQsyttSHKaH4DMWAbI2F89oj-Ja6ua9-P9x92mChx_fICyZH... 38 KB
38 KB 314ms
312ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEie8dOK8gqPM5aU5yP89__ZKoUBBBDaPzVfTCSawS9Wrf5K89KM36FHZiCz3UvIgDrU0YAB6ufMttUp7XAYjeBtNRsb83qNwycrTQsyttSHKaH4DMWAbI2F89oj-Ja6ua9-P9x92mChx_fICyZH5Fmv-nQ_Hk1t3VxkrcKdQ3iLhvI-EE4Q-peDD0STDw/s320/WhatsApp%20Image%202022-07-16%20at%202.33.46%20PM.jpeg

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f155a70a1b23d730c79420c04503d48639395caf9e9bd8d9dd86a7dd003fe921

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v45c"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WhatsApp Image 2022-07-16 at 2.33.46 PM.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38894
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:23 GMT

GET
H2 200 AAF346B4-F1B3-4209-835B-ACB97DF2212C.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBjLSczMoYDUb2bu010BjB_A-de7wnpKb2QV26ZExQ3X2wtjCxCO1th4fIvBY4GTaFyU229Hn9EqY5WmVTfyyZ5bkGt_5NVfh42mrXPXlhs3H3xuzOu2Pd7Qd1BXv7vn63gLqhMV7T11DldsAm... 35 KB
35 KB 371ms
369ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f986e85880ec47616751777adabd5761a2a0fe8b1875bbd1fa7951bd768c5adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v413"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="AAF346B4-F1B3-4209-835B-ACB97DF2212C.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35533
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:23 GMT

GET
H2 200 58160D15-52F3-4602-8453-8BF579B897B8.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkoQHRPC56cJH_VNtHC2wZne7qUsa2RgGMOhugS1HoxVazkvf0D8Hs_BsiDpVh9YbUCLmL0CjhKB7Mumm-ugbgYF8u0_VxpRNt8j4Z6RQeP6T4V2F7hBfj0N1FIXXGEZ-JJTopV06iI-QsC31_... 29 KB
29 KB 335ms
333ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b13b1a3e5a554c459e9d888143d2a268752d9d2db986e342eff421d1caf71fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v41b"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="58160D15-52F3-4602-8453-8BF579B897B8.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29974
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:23 GMT

GET
H2 200 BC40DA82-B1CB-4A41-B676-9F00312C7856.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiK-hYm-_Y1_etfJmtH7S36UmYF_OdzDle5j4U5MANnq9l7sXRUftqKjqqMkdmByyHzVILdqGwMdSXnrNQmd196t8LHN1KT35U6zSYWb53Ip_hWyLr_th6I4OGufQEdYetgDLlJTA1hashc72UU... 40 KB
41 KB 364ms
363ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f4424891c20a960a6d2446c39457141ae12ddeac6e066d75e90049773209e167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v40b"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BC40DA82-B1CB-4A41-B676-9F00312C7856.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41399
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:23 GMT

GET
H2 200 B72B794F-6C87-4E7A-9648-8A77B94A28BE.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzDDUJHzvBKQAq-N2TTkYNzVEEnL2sGE-pb85P3hG-1vCPOK5to2Mmui6g3PLY3HfNAkmMj6UQ7L5rBhYJ_ZYcCIPd-OQRkt_idxIQk7033UEQH1CUZzLEbyQXiX27UDKNGC0bpg96nxy8r2nl... 26 KB
26 KB 570ms
569ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzDDUJHzvBKQAq-N2TTkYNzVEEnL2sGE-pb85P3hG-1vCPOK5to2Mmui6g3PLY3HfNAkmMj6UQ7L5rBhYJ_ZYcCIPd-OQRkt_idxIQk7033UEQH1CUZzLEbyQXiX27UDKNGC0bpg96nxy8r2nlNBGppSHjKnLLctNKK6_EkO3AyS0CotB9DkU6j3awuw/w218-h132-p-k-no-nu/B72B794F-6C87-4E7A-9648-8A77B94A28BE.jpeg

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

63be00d3240676677be7786c5997526449c6905393d2805a01dc6e694de41bb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v486"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="B72B794F-6C87-4E7A-9648-8A77B94A28BE.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26926
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:24 GMT

GET
H2 200 WhatsApp%20Image%202022-07-16%20at%202.33.46%20PM.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEie8dOK8gqPM5aU5yP89__ZKoUBBBDaPzVfTCSawS9Wrf5K89KM36FHZiCz3UvIgDrU0YAB6ufMttUp7XAYjeBtNRsb83qNwycrTQsyttSHKaH4DMWAbI2F89oj-Ja6ua9-P9x92mChx_fICyZH... 23 KB
23 KB 628ms
627ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEie8dOK8gqPM5aU5yP89__ZKoUBBBDaPzVfTCSawS9Wrf5K89KM36FHZiCz3UvIgDrU0YAB6ufMttUp7XAYjeBtNRsb83qNwycrTQsyttSHKaH4DMWAbI2F89oj-Ja6ua9-P9x92mChx_fICyZH5Fmv-nQ_Hk1t3VxkrcKdQ3iLhvI-EE4Q-peDD0STDw/w218-h132-p-k-no-nu/WhatsApp%20Image%202022-07-16%20at%202.33.46%20PM.jpeg

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

33886f80a64655eb7049b237f9162ffd6fe0b11e1cb00aa3f97c96e43a3e2000

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v45c"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WhatsApp Image 2022-07-16 at 2.33.46 PM.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23780
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:24 GMT

GET
H2 200 AAF346B4-F1B3-4209-835B-ACB97DF2212C.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBjLSczMoYDUb2bu010BjB_A-de7wnpKb2QV26ZExQ3X2wtjCxCO1th4fIvBY4GTaFyU229Hn9EqY5WmVTfyyZ5bkGt_5NVfh42mrXPXlhs3H3xuzOu2Pd7Qd1BXv7vn63gLqhMV7T11DldsAm... 20 KB
20 KB 1722ms
1721ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBjLSczMoYDUb2bu010BjB_A-de7wnpKb2QV26ZExQ3X2wtjCxCO1th4fIvBY4GTaFyU229Hn9EqY5WmVTfyyZ5bkGt_5NVfh42mrXPXlhs3H3xuzOu2Pd7Qd1BXv7vn63gLqhMV7T11DldsAmV6t9hCp5AiA7M4A9xDmygFviDzIXqONw3fxo2pBZYw/w218-h132-p-k-no-nu/AAF346B4-F1B3-4209-835B-ACB97DF2212C.jpeg

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dd37bb824786fafdb6b405c8cbd5b85f99775925bd3f5f47c36b2d0f66f0958a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v413"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="AAF346B4-F1B3-4209-835B-ACB97DF2212C.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20799
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:25 GMT

GET
H2 200 58160D15-52F3-4602-8453-8BF579B897B8.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkoQHRPC56cJH_VNtHC2wZne7qUsa2RgGMOhugS1HoxVazkvf0D8Hs_BsiDpVh9YbUCLmL0CjhKB7Mumm-ugbgYF8u0_VxpRNt8j4Z6RQeP6T4V2F7hBfj0N1FIXXGEZ-JJTopV06iI-QsC31_... 18 KB
18 KB 534ms
533ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkoQHRPC56cJH_VNtHC2wZne7qUsa2RgGMOhugS1HoxVazkvf0D8Hs_BsiDpVh9YbUCLmL0CjhKB7Mumm-ugbgYF8u0_VxpRNt8j4Z6RQeP6T4V2F7hBfj0N1FIXXGEZ-JJTopV06iI-QsC31_w2P-SyvqxZB709qCXHsl92bZvE9sRxmYuDAi-ayCag/w218-h132-p-k-no-nu/58160D15-52F3-4602-8453-8BF579B897B8.jpeg

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bde1e8b7198ed7563cf4d7a4eaf73d7e747273d350f41eee78d4d72ae8490e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v41b"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="58160D15-52F3-4602-8453-8BF579B897B8.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18168
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:24 GMT

GET
H2 200 BC40DA82-B1CB-4A41-B676-9F00312C7856.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiK-hYm-_Y1_etfJmtH7S36UmYF_OdzDle5j4U5MANnq9l7sXRUftqKjqqMkdmByyHzVILdqGwMdSXnrNQmd196t8LHN1KT35U6zSYWb53Ip_hWyLr_th6I4OGufQEdYetgDLlJTA1hashc72UU... 25 KB
25 KB 417ms
416ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiK-hYm-_Y1_etfJmtH7S36UmYF_OdzDle5j4U5MANnq9l7sXRUftqKjqqMkdmByyHzVILdqGwMdSXnrNQmd196t8LHN1KT35U6zSYWb53Ip_hWyLr_th6I4OGufQEdYetgDLlJTA1hashc72UUfd03VurEsTSEiZuH-25omjE0Gflj4x7nYkIeha1niA/w218-h132-p-k-no-nu/BC40DA82-B1CB-4A41-B676-9F00312C7856.jpeg

Requested by

Host: www.deivan.tk
URL: https://www.deivan.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d5f652d51bd6e086bb3090c7d1418cd436c255d9202e658045d337d49967bede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v40b"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BC40DA82-B1CB-4A41-B676-9F00312C7856.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25209
x-xss-protection: 0
expires: Sat, 17 Sep 2022 13:48:24 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
642 B 98ms
26ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.deivan.tk&callback=_gfp_s_&client=ca-pub-6471914938693192

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6471914938693192&plah=www.deivan.tk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

040055c881e0f8b7b4772d3bb17e9bb3b34116a3600135e81972b6a1cf10d4a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 75ms
28ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.deivan.tk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 13:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 78ms
31ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.deivan.tk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 13:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8ACA 13 KB
5 KB 134ms
134ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6471914938693192&output=html&adk=1812271804&adf=3025194257&lmt=1663286425&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.deivan.tk%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663336103436&bpp=2&bdt=575&idt=214&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5254479977798&frm=20&pv=2&ga_vid=533074529.1663336104&ga_sid=1663336104&ga_hid=1316628783&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069510%2C42531706&oid=2&pvsid=2887970410834924&tmod=1204716317&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=231

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245d528215bdd8bb7ff58c34c8a8f0da50ea7b8e05848f2341710c504faeede8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deivan.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 4958
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 13:48:23 GMT
expires: Fri, 16 Sep 2022 13:48:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B2C9 436 B
235 B 223ms
223ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6471914938693192&output=html&h=280&slotname=9496005704&adk=24353586&adf=2029293275&pi=t.ma~as.9496005704&w=1110&fwrn=4&fwrnh=100&lmt=1663286425&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.deivan.tk%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663336103438&bpp=2&bdt=577&idt=236&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5254479977798&frm=20&pv=1&ga_vid=533074529.1663336104&ga_sid=1663336104&ga_hid=1316628783&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069510%2C42531706&oid=2&pvsid=2887970410834924&tmod=1204716317&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=krmaXwDBJQ&p=https%3A//www.deivan.tk&dtd=240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb1d851a9775f8d333df765d51ac739231cfe2da2cd2720c2d2a852977cb1d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deivan.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 13:48:23 GMT
expires: Fri, 16 Sep 2022 13:48:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0256 436 B
236 B 220ms
220ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6471914938693192&output=html&h=280&slotname=6231370504&adk=1316635141&adf=2746222230&pi=t.ma~as.6231370504&w=1110&fwrn=4&fwrnh=100&lmt=1663286425&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.deivan.tk%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663336103440&bpp=1&bdt=579&idt=242&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=5254479977798&frm=20&pv=1&ga_vid=533074529.1663336104&ga_sid=1663336104&ga_hid=1316628783&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=948&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069510%2C42531706&oid=2&pvsid=2887970410834924&tmod=1204716317&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TgIPO3VVGQ&p=https%3A//www.deivan.tk&dtd=245

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b447f3092eddd223d9a16b5b9d1f87f0214ca36ba2d10605ad144dff4dca5c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deivan.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 13:48:23 GMT
expires: Fri, 16 Sep 2022 13:48:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B0ED 436 B
235 B 205ms
205ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6471914938693192&output=html&h=280&slotname=5349689205&adk=3665059778&adf=1563699986&pi=t.ma~as.5349689205&w=1110&fwrn=4&fwrnh=100&lmt=1663286425&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fwww.deivan.tk%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663336103441&bpp=1&bdt=580&idt=248&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1110x280%2C1110x280&nras=1&correlator=5254479977798&frm=20&pv=1&ga_vid=533074529.1663336104&ga_sid=1663336104&ga_hid=1316628783&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069510%2C42531706&oid=2&pvsid=2887970410834924&tmod=1204716317&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YX1hXQoQ51&p=https%3A//www.deivan.tk&dtd=250

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

403f6a43ca6dd8b1765cb46927c4c8cc113235e4263900094303f8f34ce7078c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deivan.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 13:48:23 GMT
expires: Fri, 16 Sep 2022 13:48:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 80ms
29ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.deivan.tk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 13:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 76ms
31ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.deivan.tk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 13:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DFDC 436 B
237 B 230ms
230ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6471914938693192&output=html&h=280&adk=2834853187&adf=3262027039&pi=t.aa~a.1095268879~rp.1&w=490&fwrn=4&fwrnh=100&lmt=1663286425&rafmt=1&to=qs&pwprc=3977743074&psa=0&format=490x280&url=https%3A%2F%2Fwww.deivan.tk%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663336103829&bpp=1&bdt=968&idt=1&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D28648f037bf53a77-22c2374c24ce0014%3AT%3D1663336103%3ART%3D1663336103%3AS%3DALNI_MbR-fhONeZzpgF4NpcgkBkTjo_u3Q&prev_fmts=0x0%2C1110x280%2C1110x280%2C1110x280&nras=2&correlator=5254479977798&frm=20&pv=1&ga_vid=533074529.1663336104&ga_sid=1663336104&ga_hid=1316628783&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=3263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069510%2C42531706&oid=2&pvsid=2887970410834924&tmod=1204716317&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=iaocIOEPVS&p=https%3A//www.deivan.tk&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb48049903315c99de3528e2805b67e61657115eda8fd8c904b5ee9af4378d10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deivan.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 13:48:24 GMT
expires: Fri, 16 Sep 2022 13:48:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 116ms
72ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95ae529e4dc97fc0e21931cc29d4d93d78949c4791c437176ed001213ca994a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 13:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11065
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 54ms
33ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Sep 2022 13:48:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0C70 13 KB
5 KB 61ms
19ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.deivan.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 13:09:23 GMT
expires: Sat, 16 Sep 2023 13:09:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 621E 783 B
1 KB 79ms
31ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

655200e5a2317bfa22c39b362e4668e9357e534fcf0825517dff2d0a112c0c25

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FsnYhUnYuPzMiNTbv8oatg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.deivan.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-FsnYhUnYuPzMiNTbv8oatg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 13:48:25 GMT
expires: Fri, 16 Sep 2022 13:48:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C70 36 KB
16 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 11:14:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15932
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 11:14:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 621E 0
0 52ms
52ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=2887970410834924&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0C70 0
10 B 18ms
18ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?X2hHiQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:48:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=2887970410834924&bg=!U1ClUBTNAAZqQh0mSkI7ACkAdvg8Wt3KfSIistrtwEZY94H_Xbg9YJOQKQUq6RjeO1NYQgFcupCVZwIAAABOUgAAAAJoAQeZAqdXSaBe6D-TGFeYuIzA0wIxaE06m3g3eRWMfpkPjsddp0xfJQIofyYM8gPR7RExrfeKH36lZBkZX0gLm69uFIUJduoobtK5yw9w4Nj647Mt8LB8J7yOHvElUALyhFBhcw9yKEGBK0Xbd5IhGOMaYCJPe9M3nLvrEgxW_yMUIcfTTPYqbDr48A3FC_P2gxuJ_2WMtgZ2lv7H7QF9FKUuJnQEsYd9a5EBax1GccajUZy-Iz6ItHbVhFDfRstxY7YBkqG0HV4riy1JUrcUylXS4GQeH8Q6UEeb5e4fLeWYLvYpDXiW33lHwx0M2syQeludSNbFPHGp2gx9F76javHEZoDg77xWnJjvAaq7b2ahQGzq_3HMv88fx8bEwAWLtK8kM1ARvSWZqeXNxqDircVV5gm9BubvbrJjuD-bsMr3CFKERiIRmM6ca6dxC262neObe7PcnrbzZckMNZD4d7TaMXNR1MNE7u2FulxuU2wbva7W2JM7jp1eMprdVeSkUFaPHRpnv5e-TGHxPGPM5pM0H26_tR4N2S8_fmR7E3kqktDd2GiXKllnjTa7D7ISqMnnlMGeelm10cBvneZ6xNraJAjVmxZbWrxf3WnXg-uiFK-8G06pZafPgy0qdaa2UZp7l5zwnwaVc3hDJIGxRpK4sIXB43_IKKWXLCVvv4i_wMz698z1IOWKcCMc9vNRuAlP-VYZZ0GDCvsD147DQHQDX9--OYRtsybX_U3JMUGDLL4LyzBLDjJQExbXE5lF2r-i8vAdzxE0uU86ygNqD6eorVN2JJ6kgDZklrwLk6-6aHDCw-dK7hK2kGgfraP5YR3067UekHkhmplqlH9NdC00Zzh0zcxNIAssgEpONNTDNtmN5i0BtjXX-25GCxrMaaSf9qAWV2_El661
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.deivan.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.deivan.tk
URL: https://www.deivan.tk/path/to/font-awesome/css/font-awesome.min.css

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.deivan.tk/	1970-01-20 15:23:52	Name: __gads Value: ID=28648f037bf53a77-22c2374c24ce0014:T=1663336103:RT=1663336103:S=ALNI_MbR-fhONeZzpgF4NpcgkBkTjo_u3Q
			.doubleclick.net/	1970-01-20 15:23:52	Name: IDE Value: AHWqTUmcvKhFuf-WKOvZtPXHB_Yn6JVR9kdnM577VohIMKR_MVyZTY_RfvaSUx5jd5A

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.deivan.tk/ Message: Refused to apply style from 'https://www.deivan.tk/path/to/font-awesome/css/font-awesome.min.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
blogger.googleusercontent.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.gstatic.com
googleads.g.doubleclick.net
h.mrjaz.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
unpkg.com
www.blogger.com
www.deivan.tk
www.google.com
www.googletagmanager.com
www.deivan.tk
142.250.186.98
2606:4700::6810:5914
2606:4700::6810:7daf
2606:4700::6811:190e
2606:50c0:8002::153
2a00:1450:4001:802::2009
2a00:1450:4001:806::2001
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c0d::79
040055c881e0f8b7b4772d3bb17e9bb3b34116a3600135e81972b6a1cf10d4a5
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
1e9816f027f765cd88cbf5b6bc87ca41c2b9cec7605afc9e0f1754d23c1c15e1
229891a72424f2cd8f3cf753a5c0b0268a71783b5bc83ac4be73e5a11ddd4128
245d528215bdd8bb7ff58c34c8a8f0da50ea7b8e05848f2341710c504faeede8
26e577d0d924656883fe18d42985dfedcbbe094d6227778b722bb59e666b5f78
33886f80a64655eb7049b237f9162ffd6fe0b11e1cb00aa3f97c96e43a3e2000
403f6a43ca6dd8b1765cb46927c4c8cc113235e4263900094303f8f34ce7078c
40b892231e004e1f954fbc99e0953a4c6029fa3957e758f86e64ec280bbab9fc
493ab3b4b04a8f0a5e78f3dc70ccde31314e5915d8d2a68c49a9af3edba1b461
4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
573f8fbff36b2f453387a7f5f1009c77f4ca60d8169b32976705d5dcf1174eea
581925cea5045529814dab10b5242f1c858f8dcb90f0a0c17dfb9a7aa40987b4
5d8211d4be0c9a0ae2909b23ce941512ba6f38929589bdab503f092e244ae457
5f2ff871cd7f284064ca188d22dd0b8f2abb173b4f3cb03a7487d23717273021
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63be00d3240676677be7786c5997526449c6905393d2805a01dc6e694de41bb5
655200e5a2317bfa22c39b362e4668e9357e534fcf0825517dff2d0a112c0c25
6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5
88869a6b72a31cecfe76385f942af0bb5973686012c53a9bee562bcaeeba5d0f
890a80f2b5ea18dc0ae1614ed9cd18df239c193d3654fb7dfb98070407d5fb91
8e54cf54044e468826bde311710e96cac79ce702ecca83a3eb30b2f630625c95
94f632c642928245e3759d7565416c2594ce030f33ce7913a93d853e1e45966b
95ae529e4dc97fc0e21931cc29d4d93d78949c4791c437176ed001213ca994a3
9e2656cf69682e899e2d7d79a3ac59ac752cd732e41f402ea2acf5969beae434
a1baf979898c80b5b40956a45cee0c403d23d0b9456a23c831a31cc63a327aca
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50eb28c382d15b4e062beb3106960cedc556d48bed02d6aac37b8009a70e721
af9fd4cd346bd911281330b073bbd9bf70c7a3fad045be5a5954e26e36388db6
b13b1a3e5a554c459e9d888143d2a268752d9d2db986e342eff421d1caf71fd1
b29cd63064611eeb851354145a1c984fe883d87971b53105206ad1d5da3de824
b375e0c0a8c93d1d71af358f31f3f78894ae715ddb360cf56793eebe36682ef0
b447f3092eddd223d9a16b5b9d1f87f0214ca36ba2d10605ad144dff4dca5c9b
bde1e8b7198ed7563cf4d7a4eaf73d7e747273d350f41eee78d4d72ae8490e49
c08b22f5b502286e22243249bcef7a05952dca7fa70a5ec3b36eb734745c2f20
c8396c19f652312b82baee7301cc1bf0aef2ff3114ead581e5c595bd496c4223
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d5f652d51bd6e086bb3090c7d1418cd436c255d9202e658045d337d49967bede
db4bfe2ddd60b83b5bb1095264ce5c7086d94e5cbc8a2b4347045ed3c05dc463
dd37bb824786fafdb6b405c8cbd5b85f99775925bd3f5f47c36b2d0f66f0958a
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49d8cc28350777ad25fa4d26fe21150fcba71ee9d23158aff0843368cc78904
e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7
ec891d4467e9879166a9edee17493598013626d3e70acfeb14c17f371413afe4
f0ea4f6d65ae6623376327de215e9858b85dedb9c23da744f60622ba6e720ac8
f155a70a1b23d730c79420c04503d48639395caf9e9bd8d9dd86a7dd003fe921
f4424891c20a960a6d2446c39457141ae12ddeac6e066d75e90049773209e167
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c
f986e85880ec47616751777adabd5761a2a0fe8b1875bbd1fa7951bd768c5adb
fb1d851a9775f8d333df765d51ac739231cfe2da2cd2720c2d2a852977cb1d4a
fb48049903315c99de3528e2805b67e61657115eda8fd8c904b5ee9af4378d10

www.deivan.tk Open in urlscan Pro 2a00:1450:400c:c0d::79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

98 %HTTPS

93 %IPv6

14 Domains

16 Subdomains

15 IPs

3 Countries

2624 kBTransfer

3672 kBSize

2 Cookies

7 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.deivan.tk Open in urlscan Pro
2a00:1450:400c:c0d::79 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

98 %
HTTPS

93 %
IPv6

14
Domains

16
Subdomains

15
IPs

3
Countries

2624 kB
Transfer

3672 kB
Size

2
Cookies

62 HTTP transactions
0 data transactions