www.bolatimes.com Open in urlscan Pro
2606:4700:20::ac43:45e2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bolatimes.com/
Effective URL:
https://www.bolatimes.com/
Submission: On October 08 via api (October 8th 2023, 10:56:53 am UTC) from LU — Scanned from DE

Summary HTTP 168 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 43 IPs in 5 countries across 27 domains to perform 168 HTTP transactions. The main IP is 2606:4700:20::ac43:45e2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bolatimes.com. The Cisco Umbrella rank of the primary domain is 584621.
TLS certificate: Issued by GTS CA 1P5 on September 29th 2023. Valid for: 3 months.

This is the only time www.bolatimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:20:... 2606:4700:20::681a:82c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:20:... 2606:4700:20::ac43:45e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:14b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
6	2606:4700:1::... 2606:4700:1::6813:814c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:d841	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
19	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:f6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
3 4	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2 4	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2607:f8b0:402... 2607:f8b0:4023::78	15169 (GOOGLE) (GOOGLE)
1	64.233.184.156 64.233.184.156	15169 (GOOGLE) (GOOGLE)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:1::8	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:1::... 2606:4700:1::6813:844c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9281	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
168	43

2 2606:4700:20::681a:82c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bolatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.bolatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::ac43:45e2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bolatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.bolatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.bolatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:14b (United States)

ASN13335 (CLOUDFLARENET, US)

ua.realtimely.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.realtimely.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:1::6813:814c (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:f6c (United States)

ASN13335 (CLOUDFLARENET, US)

media.suara.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.27.193 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4023::78 (Clarksville, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.184.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:1::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5e6nzz.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:844c (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9281 (United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 pagead2.googlesyndication.com — Cisco Umbrella Rank: 108	413 KB
24	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 bid.g.doubleclick.net — Cisco Umbrella Rank: 1020 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443	304 KB
18	bolatimes.com 1 redirects www.bolatimes.com — Cisco Umbrella Rank: 584621 assets.bolatimes.com media.bolatimes.com	282 KB
16	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 344 gcdn.2mdn.net — Cisco Umbrella Rank: 1392 r3---sn-4g5e6nzz.c.2mdn.net	1 MB
14	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	190 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 998 t.clarity.ms — Cisco Umbrella Rank: 7776 c.clarity.ms — Cisco Umbrella Rank: 1548	28 KB
8	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2	1 KB
7	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8274 c.mgid.com — Cisco Umbrella Rank: 6300 servicer.mgid.com — Cisco Umbrella Rank: 8270 s-img.mgid.com — Cisco Umbrella Rank: 7951 cm.mgid.com — Cisco Umbrella Rank: 1418	103 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	110 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	2 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	3 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	27 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	177 KB
3	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 16330	76 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	255 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1156 id5-sync.com — Cisco Umbrella Rank: 470	30 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 153
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	89 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6147	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	realtimely.io ua.realtimely.io — Cisco Umbrella Rank: 56340 api.realtimely.io — Cisco Umbrella Rank: 55261	3 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1145	277 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 588	63 KB
1	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 10872	918 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 257	763 B
1	suara.com media.suara.com — Cisco Umbrella Rank: 31619	85 KB
168	27

	Domain	Requested by
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.bolatimes.com 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com tpc.googlesyndication.com
16	pagead2.googlesyndication.com	0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.bolatimes.com securepubads.g.doubleclick.net www.googletagservices.com
14	s0.2mdn.net	0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com www.bolatimes.com s0.2mdn.net
10	securepubads.g.doubleclick.net	1 redirects www.bolatimes.com securepubads.g.doubleclick.net www.googletagservices.com 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
8	media.bolatimes.com	www.bolatimes.com
7	assets.bolatimes.com	www.bolatimes.com assets.bolatimes.com
6	fonts.gstatic.com	fonts.googleapis.com
5	googleads.g.doubleclick.net	0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com www.bolatimes.com pagead2.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	csi.gstatic.com	www.gstatic.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.gstatic.com	0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
4	www.google.com	2 redirects www.bolatimes.com tpc.googlesyndication.com
4	0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	region1.analytics.google.com	www.googletagmanager.com
4	fonts.googleapis.com	www.bolatimes.com 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
3	cdnjs.cloudflare.com	s0.2mdn.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	securepubads.g.doubleclick.net 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
3	t.clarity.ms	www.clarity.ms
3	www.clarity.ms	www.bolatimes.com www.clarity.ms
3	cdn.izooto.com	www.bolatimes.com cdn.izooto.com
3	www.googletagmanager.com	www.bolatimes.com www.google-analytics.com
3	www.bolatimes.com	1 redirects
2	cm.mgid.com	jsc.mgid.com
2	c.clarity.ms	1 redirects
2	googleads4.g.doubleclick.net	www.bolatimes.com
2	www.googleadservices.com	0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
2	connect.facebook.net	www.bolatimes.com connect.facebook.net
2	jsc.mgid.com	www.bolatimes.com jsc.mgid.com
2	www.google.de	www.bolatimes.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.bolatimes.com www.google-analytics.com
1	id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	ads.pubmatic.com	jsc.mgid.com
1	cdn.id5-sync.com	jsc.mgid.com
1	cl.imghosts.com
1	s-img.mgid.com
1	servicer.mgid.com	jsc.mgid.com
1	c.bing.com	1 redirects
1	c.mgid.com	www.bolatimes.com
1	r3---sn-4g5e6nzz.c.2mdn.net	www.bolatimes.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	www.gstatic.com
1	media.suara.com	0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
1	api.realtimely.io	www.bolatimes.com
1	ua.realtimely.io	www.bolatimes.com
168	49

This site contains links to these domains. Also see Links.

Domain
gol.bolatimes.com
arkadiacorp.com
www.suara.com
www.matamata.com
www.hitekno.com
www.dewiku.com
www.mobimoto.com
www.guideku.com
www.himedik.com
regional.suara.com
clickmov.suara.com
yoursay.id
www.serbada.com
www.theindonesia.id
hits.suara.com
www.iklandisini.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
bolatimes.com GTS CA 1P5	`2023-09-29` - `2023-12-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
realtimely.io GTS CA 1P5	`2023-08-27` - `2023-11-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-17` - `2023-10-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
suara.com GTS CA 1P5	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cl.imghosts.com Cloudflare Inc ECC CA-3	`2023-10-03` - `2024-10-02`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.bolatimes.com/
Frame ID: BE9F1FBAA0FC2AEE6F613F1CD5B2986A
Requests: 72 HTTP requests in this frame

Frame: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 895ABCE30030D7539F982B533D69D772
Requests: 1 HTTP requests in this frame

Frame: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E8267AA5A4396AA588DFC3821BFF4046
Requests: 19 HTTP requests in this frame

Frame: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3357D8C294C9F4C8AB09DDF4E55A6B05
Requests: 7 HTTP requests in this frame

Frame: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4CAC8C84D4BB3D801052593A4282ED77
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRxEGw2DnanEr-4aRIhZ1on_7GfSlXFZ3ZeNkRvjrLjVSODJgm3WP89YAx4hhz1lv1se6Vp1DlNXzl5SEXKYiDCpSsK_vtElMKoBqq2Bwrl--AsVEQK_BTzTTi1BUjvwzXD3MJglpZSVkb-aY1tArejczqpYUMDxhyE6f4_llmR8HessMTNDcPbbK4gRGEuDTfGZROsx61Ntqz-x7b1saMXY-8qBdAwSi5PBzttux8E84BoIn13PizKhnIwm2h5NAydXnzngfpJPpqbfUHuK09HDQf_jXOXNjxJurtCgfcI3zw2Blpa4m_TH3cGjx6kWRT14iaEhbtlL3irRdBsZfohvsc4AGhBdCTiATTrg&sai=AMfl-YQhaD0yaJrMys9UoPFLVRG-TA5DPXhjDltD-OQ2kpYOgoLWVArdr7Ujkze4lwAgQSv6cj0WYpakRUl1YhLvLqnKaYhNdlMdK1UguvegJPEpxC502kZIiJ9Wp2MYw4x5xco424G5ubAV-3aqj6b1&sig=Cg0ArKJSzN2yKDuuhPpiEAE&uach_m=[UACH]&adurl=
Frame ID: 2C5B08DBC93EF61069F96DEA057E83F0
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs
Frame ID: 5215CAF6B4AACCF834C08659942027BD
Requests: 12 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 60127E67E90823760656AC383EA583AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGJjN8OwBMAE&v=APEucNWc9DveIBm470d8YY2DZO5x-8ejq0Ddighw6T06kbV9hhCAC2Zl75WMWR6vCuLcDQeJWfViNNQ05ced7U70smUURfvHFTzVj4er3Jm1GJCTOMlN9f_CP7a2MKuUmetHmEAaWPFQbFHGunCjOJ7CXg6aHbdlq98-FI7dEXFlgcmUmRQfD1E
Frame ID: 524E02DC80FC3703BF9EB619CA7763D6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 78C26096E73B29B7E70A1167B97A5F6B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7C5C64C89EAA4F31FD1536A7F8862002
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250
Frame ID: FAB1C7F5372C7806A2DBAA758DB1A80B
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A6F960D380949A320F3ED233387BFEFC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1A779DB1BC29857126AF0B6E0950446A
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=169676260845080036970
Frame ID: B0CC5BDE39D7BBA67F09DCD0187C203F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BolaTimes.com - Berita bola, Jadwal, Skor & Liga Eropa

Page URL History Show full URLs

http://www.bolatimes.com/ HTTP 301
https://www.bolatimes.com/ Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

168
Requests

93 %
HTTPS

75 %
IPv6

27
Domains

49
Subdomains

43
IPs

5
Countries

4713 kB
Transfer

8525 kB
Size

28
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://gol.bolatimes.com/
Title: Gol

Search URL Search Domain Scan URL

URL: https://arkadiacorp.com/

Search URL Search Domain Scan URL

URL: https://www.suara.com/

Search URL Search Domain Scan URL

URL: https://www.matamata.com/

Search URL Search Domain Scan URL

URL: https://www.hitekno.com/

Search URL Search Domain Scan URL

URL: https://www.dewiku.com/

Search URL Search Domain Scan URL

URL: https://www.mobimoto.com/

Search URL Search Domain Scan URL

URL: https://www.guideku.com/

Search URL Search Domain Scan URL

URL: https://www.himedik.com/

Search URL Search Domain Scan URL

URL: https://regional.suara.com/

Search URL Search Domain Scan URL

URL: https://clickmov.suara.com/

Search URL Search Domain Scan URL

URL: https://yoursay.id/

Search URL Search Domain Scan URL

URL: https://www.serbada.com/

Search URL Search Domain Scan URL

URL: https://www.theindonesia.id/

Search URL Search Domain Scan URL

URL: https://hits.suara.com/

Search URL Search Domain Scan URL

URL: https://www.iklandisini.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BolaTimes-422088054911458/

Search URL Search Domain Scan URL

URL: https://twitter.com/bolatimesdotcom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/suaradotcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bolatimesdotcom/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bolatimes.com/ HTTP 301
https://www.bolatimes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK48XmDyo9hvR1L36N8RFnE&google_cver=1

Request Chain 95

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSKK7yWiSeI8aJUwARUnJQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK48XmDyo9hvR1L36N8RFnE&google_cver=1

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK6McrBGPlVcQ3F0EVpqmAg&google_cver=1

Request Chain 97

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI5NzkxNzMxNzg0Mjk3ODM4NA%3D%3D

Request Chain 111

https://securepubads.g.doubleclick.net/pagead/adview?ai=CRzzL7ooiZdXELoP1-gaNwa7YAay1tblzrdOYrucR-uC_oNQBEAEglKSmMmCVip6CsAegAfq33eMoyAEGqQLOG7AQ3cKxPqgDAaoEoAJP0Kvl0s05DS4f16B4WGVeTQcnf1ixfFtxg6zA27SEQ_Q1S9OsqXnnROI-UBBnufZrosibeMRJaALk_p3Ag4kplcjmH4BjsYKFTRYaVznydqtC8weNJWdnN_PYmGNYi_m3ZbWyPqNozbGbUoYlRWp8O6YJvybQL5eMmg_e50cnTrdbaJFb6SaCcYh-yf9FqGSWT2uUvyav9Qpgrw93cdF9XdEi187KfeJw7tj_4ador6r_gMJTyW3upLWEvAUflCTVb-HZpyMIdeYaqW8TmXXxqEHjhY4ZVnm_mMXa67CYYpVrfUeu2_N5M_bUImQereDn3WZPuy7v2bSefB-gvVAmZ-f8UdO3oHQWokxBht7LXfDCz4O-RJ5U5jJ8W72w0CbABMvKqc_ABOAEA4gF_6fb20ySBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjfYBgKAB_rvrcMDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQsPsCGJzg7PgBoAjUhqgEsAgC0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJzgFodHRwczovL3d3dy5yZWJ1eS5kZS9rYXVmZW4vYnVlY2hlci1iZWxsZXRyaXN0aWstY29taWMtdW5kLWh1bW9yP3V0bV9zb3VyY2U9UFJPRyZ1dG1fY2FtcGFpZ249W1BST0ddX0RWMzYwX0RFX0JMX01FQk9fTUlEX1E0LTIzLU1pZGZ1bm5lbC1Tb2NpYWwtUHJvb2ZfUHJvc3BlY3RpbmdfTmF0aXZlLVZpZGVvX01FLUJvb2tzLUNvbWljLUh1bW9yXzE5MjB4MTA4MIAKA8gLAeINEwiZssSjpeaBAxWDut4KHY2gCxuwE8_S_RTIE9X00uMD0BMA2BMNghQTGhF3d3cuYm9sYXRpbWVzLmNvbdgUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi0xMTYyOTE0NzAyMjkzOTIwGOSdGw&sigh=rIdnLYZ_h8c&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNPM8SDAn0ifPDcYFkj_GjYEr3tSZt_o1uYU_7Gq5iXa0s5z_JWjREwJCqY6BIS7s14BDGFi-lYVf97nLLbsYPcQiUczwMbVwYAQ&template_id=509&vt=10&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213450539955119028263%22,%22debug_reporting%22:true,%22destination%22:%22https://rebuy.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210946567162%22],%224%22:[%2210-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218320841633921484209%22}&andc=true

Request Chain 118

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 134

https://gcdn.2mdn.net/videoplayback/id/0d192bd6a1cfd060/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3840275118/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/547C9FDEB94A793B9A6CFF1AFDEA51F3CEE72DF8.A4C934D38013A0C93C85DE24C867BFCC2333624A/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5e6nzz.c.2mdn.net/videoplayback/id/0d192bd6a1cfd060/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3840275118/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7C548938C9A4979622BCE2EAFFAE2C2181143BFE.0400D7B3299B64CADAD720D98CB3238DCAF4CEF6/key/cms1/cms_redirect/yes/mh/7f/mip/2001:1b60:2:240:3247::5/mm/42/mn/sn-4g5e6nzz/ms/onc/mt/1696761413/mv/u/mvi/3/pl/29/file/file.mp4

Request Chain 145

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9E28580937054D5BB67BA29BA8DEFC2C&RedC=c.clarity.ms&MXFR=39674DE2EFB86C9217505E46EBB86230 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9E28580937054D5BB67BA29BA8DEFC2C&MUID=0901C8604ACB679A3960DBC44B406687

168 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bolatimes.com/
Redirect Chain

http://www.bolatimes.com/
https://www.bolatimes.com/

169 KB
23 KB

948ms
894ms

Document
text/html

2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d418ae6c99d8c30ef4366e7203240880506d01cec9f8986c1cd562f9fd79937f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 812ddbe7faf42c2d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 08 Oct 2023 10:56:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkSor8%2B4fr9Wdz52iYii8IEsijhBD6wLeoApZW0cfWTmAauZtiARDo2I7Fo3l9YD9DqA8pMOjvDjgpyPJrOhRsQ%2B%2FNug3n6fSN1flkB5w5GQx1IbqCiiZGs17rSUHSz1DZCL9jdyZ87p0mAcfbhk"}],"group":"cf-nel","max_age":604800}
s-device-type: mobile
server: cloudflare
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-amz-cf-id: 6ng28jp2pXEZOQA4aiedhO1dCPzrEPzEao4KVgHKB2b_p7Bcjw047g==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 812ddbe768183a3e-FRA
Connection: keep-alive
Content-Type: text/html
Date: Sun, 08 Oct 2023 10:56:44 GMT
Location: https://www.bolatimes.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpmCFM0GF3crmiJqzVclR3%2FbXl%2F3efCYgr4QATXXJ2jNws2KYZD789ZVgkoEuc6nNwDa48sdMaY37Cw%2Fohn%2FXJm70LsLQgcCeES46UmCrK1GypiVhEOi5BzbkI6S2goPQzz5p9GY%2FSpRxEKeUx%2Bg"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: NwjHpklvptAI73VSDBLaYGyPOM1-tMLY2phQywxUFvAwc3jKA2rwUA==
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Redirect from cloudfront

GET
H2 200 css
fonts.googleapis.com/ 3 KB
601 B 87ms
37ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,600,700&display=swap

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b051e91c4152250e78940e4bccae03d710d4e26a24f4bcb405291d9b75bd2a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Oct 2023 10:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 10:56:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Oct 2023 10:56:45 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
873 B 83ms
34ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95ef3768ec0f5da28f4b121793f4f71d60b411c53569b19aa2a48cead3c3c7a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Oct 2023 10:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 10:34:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Oct 2023 10:56:45 GMT

GET
H2 200 mainv3_mod.min.css
assets.bolatimes.com/mobile/css/ 25 KB
6 KB 842ms
823ms Stylesheet
text/css 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/mobile/css/mainv3_mod.min.css
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c0188c48ab8424aa92ea2893388576c6e4feac9602110dbf6d0458e1dcf22e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 27 Sep 2023 05:48:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfyUM6BBwYk4wQ8RT8wpHT%2FffQgN%2Fcov0bji3Ja4IhSq4Q5NxYj8gpsdccQwvBUut8oV4IN9PaQuuqUifOM4ieMlB8BhJRSPccC2tLqy9T%2BmyBxa8Z%2B4Rr8oKzFNjEIYdoM%2BH3J5v06va%2BHplUSkD7VR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 812ddbedba932c2d-FRA

GET
H2 200 script.js Show response
ua.realtimely.io/ 4 KB
2 KB 92ms
29ms Script
application/javascript 2606:4700:20::681a:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.realtimely.io/script.js
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:14b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3b53536facfed547d2c1809944ea7c227b43e3e7ae6c833c461066a1d158545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11722
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 08 Oct 2023 07:39:41 GMT
server: cloudflare
etag: W/"65225cbd-fd3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zsx8UvNBOnW3CKBFOVsmVUrl8DjjiffDlk%2BOCiRZup3%2Baos4WnNddOwIwHB0akdNBRR8wVD7NRnJWcqOjMSOINed%2BnhJ2OpsKanWzgjxcNDYBcRnpCoCUdhc5J1k9RcOo8x25An%2FbFFMw7OXk28%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=28800
cf-ray: 812ddbee88a42c4e-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
30 KB 166ms
113ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4561458a80ca94b698ec8c58e55bb29b7e46bd663fedc2f1b5fe57943eedc25f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29706
x-xss-protection: 0
server: cafe
etag: 134 / 19638 / 31078611 / config-hash: 4974023841911941900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 10:56:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
90 KB 90ms
41ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R6NQQ7RXT0

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40a37673e327753478f464fbcbfae6cb4fc25108e57fa4c310a514b41c5a9f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 08 Oct 2023 10:56:46 GMT

GET
H2 200 bolatimes-logo.png
assets.bolatimes.com/mobile/images/ 18 KB
18 KB 840ms
840ms Image
image/png 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bolatimes.com/mobile/images/bolatimes-logo.png
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6f5e506db19cb972a8173e9a44a15402ee87b6fc3dac64e399a0215f58698f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
cf-cache-status: MISS
last-modified: Tue, 07 Feb 2023 02:59:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBL%2F9tebp3g1m6dCePZoB%2FjNSEoz%2BvcGccx96j2IhVvUTHf8eRNcz%2F3ZO7NWIUSAZfkUK681sSLOmBrFxpDMYi6GBcbZ2KP7PqwLPWC31i9VNDXNdv7iToZMiQs9blaR92DOXlgA3VPC4FbKuJasfmtK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 812ddbf0cec82c2d-FRA
content-length: 18383

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 211 KB
75 KB 45ms
39ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFVNJ45

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41b18c9bf802b571620cc982322287b5dc4254db9a4d88e409b2940218673a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76183
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Oct 2023 10:56:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 68ms
18ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 08 Oct 2023 09:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3913
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 08 Oct 2023 11:51:33 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/ 419 KB
132 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ebcd7bdb5554e57888241a02b80e12230b08db50cffa39d16002b3726a55806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sat, 07 Oct 2023 14:53:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72187
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134827
x-xss-protection: 0
server: cafe
etag: 8968824880815585736
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 06 Oct 2024 14:53:39 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 74ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-R6NQQ7RXT0&gtm=45je3a40&_p=1272748223&_gaz=1&cid=881353073.1696762606&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1696762606&sct=1&seg=0&dl=https%3A%2F%2Fwww.bolatimes.com%2F&dt=BolaTimes.com%20-%20Berita%20bola%2C%20Jadwal%2C%20Skor%20%26%20Liga%20Eropa&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6NQQ7RXT0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bolatimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 79ms
27ms Ping
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R6NQQ7RXT0&cid=881353073.1696762606&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6NQQ7RXT0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bolatimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 112ms
58ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R6NQQ7RXT0&cid=881353073.1696762606&gtm=45je3a40&aip=1&z=2000117008

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 65ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-R6NQQ7RXT0&gtm=45je3a40&_p=1272748223&cid=881353073.1696762606&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&sid=1696762606&sct=1&seg=1&dl=https%3A%2F%2Fwww.bolatimes.com%2F&dt=BolaTimes.com%20-%20Berita%20bola%2C%20Jadwal%2C%20Skor%20%26%20Liga%20Eropa&en=page_view&_ee=1&ep.wp=wp&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6NQQ7RXT0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bolatimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mainv3_less.js Show response
assets.bolatimes.com/mobile/js/ 753 B
635 B 665ms
664ms Script
application/javascript 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/mobile/js/mainv3_less.js
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3354f69c3a6ff57792925385a7969593f09e0101dadb55bf97dfec6b042728b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 27 Sep 2023 05:48:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8AZgQWWGH7pJ5eyuDrECE%2Bk86Ju%2BNBLw0rqotyw%2FesLvFr5D54PCtXkeRr1VnyZwzHob5auebQ2XQdStE8Ymv8%2BKVABoX77pTMWQSr92XjR2Bi9d9anQXog%2FHdNBZ%2B8tsrxxY41s9woQQf%2BR4uPkjHC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 812ddbf2e9cd2c2d-FRA

GET
H2 200 bolatimes.com.1520395.js Show response
jsc.mgid.com/b/o/ 4 KB
2 KB 257ms
213ms Script
text/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/b/o/bolatimes.com.1520395.js

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33b67867d9b5e7368c145a0e6cd5eadcefaf748375fe7fa0efeae7bf09add492

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:46 GMT
x-amz-version-id: G22yi0Pm3xxkaGG4GE5FMOVUxfb3Wb3R
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: D4SWEG7F38FVQ67M
cf-polished: origSize=3867
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: KDQ1S/JdwnICO7ftswhXfXaqqv5plm5s69AypyJaR0vDK/ms9Phj8sbieE7Z/A8xjFlUMqQBHQ0=
cf-bgj: minify
last-modified: Mon, 25 Sep 2023 09:55:20 GMT
server: cloudflare
etag: W/"05ca9417f4ecf97cf805282cd055845a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 812ddbf33f40918c-FRA
expires: Sun, 08 Oct 2023 13:56:46 GMT

GET
H2 200 4884cdd3865bfa28e0cc689b8cb854f5876ffbde.js Show response
cdn.izooto.com/scripts/ 882 B
762 B 89ms
32ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/4884cdd3865bfa28e0cc689b8cb854f5876ffbde.js

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

414405a41dc818b5d2d5fbf03f51c04177651c751cf3d0fca72804b7b3fed16c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:46 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 28 Feb 2023 06:49:58 GMT
server: cloudflare
age: 263548
etag: W/"63fda416-372"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 812ddbf359b535eb-FRA
x-xss-protection: 1; mode=block
expires: Mon, 09 Oct 2023 10:56:46 GMT

GET
H2 200 close.svg
assets.bolatimes.com/mobile/images/icons/ 366 B
483 B 658ms
657ms Image
image/svg+xml 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bolatimes.com/mobile/images/icons/close.svg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a63fc1ddc963bb7b1fa84264c2d2650dd951ff93719bd7a9569c2ab632f49d99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Feb 2023 02:59:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPxJiUWT54FNIyHISxLpZUUBVanGMOTB9ru%2BfCCRL2UzFW%2Ff0uWZlZKPeWj8WzpZ4ihWpq96JWfUEkilUSRedSQydo2EwanzOL0AWBdzmf95KcPEq48QcDXbYJpLaipZz0zMsQ7Hsl%2BQAOd5Hy7DnbK2"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 812ddbf2f9f52c2d-FRA

GET
H2 200 menu.svg
assets.bolatimes.com/mobile/images/icons/ 245 B
408 B 667ms
666ms Image
image/svg+xml 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bolatimes.com/mobile/images/icons/menu.svg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f30706f6f7b483dea438968b354d5329358eda60a7f5b0c864576b12e4d1c769

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Feb 2023 02:59:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TE%2BaP%2FJn%2BVwCELh1naAm3ZH0dEaPzZDTpUpxbBGj%2B2M8DMK7WAVnYj6QurLXug5x2qZk5GnyXC5ttqW01ntN0r1RQ3SYPgF2HL4rIEYkuMBBCGM7T0MdBF3IL5%2FKs7epiKPjiFy8Us%2F7DkM0h5CyX0DP"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 812ddbf2f9fa2c2d-FRA

GET
H2 200 search.svg
assets.bolatimes.com/mobile/images/icons/ 1 KB
903 B 677ms
676ms Image
image/svg+xml 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bolatimes.com/mobile/images/icons/search.svg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa03e14db9e4a4f968fb0ab7eafa9a90dd7ed860cf809fe1557fba126bf34380

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Feb 2023 02:59:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9IsOgTY609I2RuBlvT3X4bCg6SxI%2BhcQmQSs3ma6vA%2FETTGuAl4DhjEUigmpMWfUxSXLu7L99%2BDxOnT0RXoaSS%2FFK0OGDN0Gu1bBfGNbrespxeXF0XA7DLtozZGrJVX8brwoNYaUljyLwPTZdXVoYZlp"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 812ddbf2f9fb2c2d-FRA

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v24/ 14 KB
14 KB 69ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Tue, 03 Oct 2023 17:37:58 GMT
x-content-type-options: nosniff
age: 407928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13980
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 17:37:58 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 66ms
19ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sat, 07 Oct 2023 08:04:15 GMT
x-content-type-options: nosniff
age: 96751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 08:04:15 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v24/ 13 KB
14 KB 89ms
41ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd9a6192274f8f2f3ce31cd3d2cae5ebe32e2fa86fc7c4f60a3c28556e496d56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Thu, 05 Oct 2023 07:53:04 GMT
x-content-type-options: nosniff
age: 270222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13724
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:20:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 07:53:04 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v24/ 14 KB
14 KB 82ms
35ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 04 Oct 2023 18:52:43 GMT
x-content-type-options: nosniff
age: 317043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14168
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:29:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Oct 2024 18:52:43 GMT

GET
H2 200 730x480-img-39482-pelatih-persik-marcelo-rospide.jpg
media.bolatimes.com/thumbs/2023/10/07/39482-pelatih-persik-marcelo-rospide/ 69 KB
69 KB 54ms
32ms Image
image/jpeg 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2023/10/07/39482-pelatih-persik-marcelo-rospide/730x480-img-39482-pelatih-persik-marcelo-rospide.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a54dfae1c3497141384ac0f7b651cfa51a2a74e777d11a7b5a185f0b2182f837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:46 GMT
via: 1.1 2177a1d449a3e8dc7269040f15d81cb0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52579
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 70494
cf-bgj: h2pri
last-modified: Sat, 07 Oct 2023 08:53:06 GMT
server: cloudflare
etag: "418cf68f5d70b44d334f870e894918ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPPnPqe%2FZVy%2BUKQjLqvB0nab0JHeW9O24k27CH4ftP0L93ZrpdCOvr7T8H0cB99aSvNlWTMXKZ5MGxliDFnzLCQWL2YMicINW2Qp3hMrADmSsf%2BdmJ%2Bjyue04rQwcMHxdtoa8qrEnQhuaAnrkf6Cn5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 812ddbf33a592c2d-FRA
x-amz-cf-id: uAgNqZAshsuJINLI3oKc56xIWouVUg0T1RBwE5-41hqI899fFcZjZw==

GET
H2 200 350x230-img-45735-pebulu-tangkis-ganda-putra-indonesia-mohammad-ahsan-dan-hendra-setiawan.jpg
media.bolatimes.com/thumbs/2022/06/30/45735-pebulu-tangkis-ganda-putra-indonesia-mohammad-ahsan-dan-hendra-setiawan/ 14 KB
15 KB 101ms
80ms Image
image/jpeg 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2022/06/30/45735-pebulu-tangkis-ganda-putra-indonesia-mohammad-ahsan-dan-hendra-setiawan/350x230-img-45735-pebulu-tangkis-ganda-putra-indonesia-mohammad-ahsan-dan-hendra-setiawan.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14bcf2fc55ab84879c8921f46b78390a170331bcdc34b0a31c87f8799323b53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:46 GMT
via: 1.1 acee7e60faaea7b7699fe033930a0164.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P1
x-cache: Hit from cloudfront
content-length: 14636
last-modified: Thu, 30 Jun 2022 02:14:13 GMT
server: cloudflare
etag: "8c0e5d68ead23e475a9f058731b8194e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkzuG6P2MShLBNrrvPiyCPjFOQupUELZD%2FrQg9M0mTsCGAx%2FRFRPiTSD5W%2Fx2vD8FIR%2BhgXbapah85ViRIRoPUsBQUSxh3jfngRIgRUISLmVKsn9r%2B%2FMQkgPrBkMpTyPVSYWmcnjQ7khCng6PpTsI9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 812ddbf33a5b2c2d-FRA
x-amz-cf-id: ET5eVZa1nspdC8YY04NzTY15sUXFRKYvRMY2wo2yjj3wnpT4bAhsEA==

GET
H2 200 350x230-img-92306-timnas-filipina-di-piala-asia-2019.jpg
media.bolatimes.com/thumbs/2023/09/05/92306-timnas-filipina-di-piala-asia-2019/ 34 KB
34 KB 78ms
57ms Image
image/jpeg 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2023/09/05/92306-timnas-filipina-di-piala-asia-2019/350x230-img-92306-timnas-filipina-di-piala-asia-2019.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab6a4b24914043e50e5be2a01c4829b2cc8ad6f6e6ebed76d77634a56b02453c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:46 GMT
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 34417
last-modified: Tue, 05 Sep 2023 06:27:29 GMT
server: cloudflare
etag: "9fb699183ca93d65a7f849e58f5bbf71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xk34m8GhvaUu6ZXsxxQ%2BcEiIP4E8nrYMoDRhLc3tHO7QfuWnQ%2FfIAw6l%2B4XfttCx0zcm6EtisvFvwdanjrD1o1Bm72wwyVXh56eliJl%2FXMKwboKoVBtVCfYoY1A1VbuJ6dS%2FYztvm6GmJ4fyAPGq9Ao%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 812ddbf33a602c2d-FRA
x-amz-cf-id: _bUDUfVKlR3Qel-Uqehiiw74XpMMtMSKa_ufG9azD4uMy8tBzRyD8Q==

GET
H2 200 350x230-img-11333-supachok-sarachat-saat-debut-bersama-consadole-sapporo-di-liga-jepang-2022-instagramatsupachok-19.jpg
media.bolatimes.com/thumbs/2022/09/12/11333-supachok-sarachat-saat-debut-bersama-consadole-sapporo-di-liga-jepang-2022-instagramatsupachok-19/ 11 KB
12 KB 85ms
64ms Image
image/jpeg 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2022/09/12/11333-supachok-sarachat-saat-debut-bersama-consadole-sapporo-di-liga-jepang-2022-instagramatsupachok-19/350x230-img-11333-supachok-sarachat-saat-debut-bersama-consadole-sapporo-di-liga-jepang-2022-instagramatsupachok-19.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 787b56142db4c0a5e6fb21531944e1dca215e14d02867fe40a326b26d08995a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:46 GMT
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
content-length: 11589
last-modified: Mon, 12 Sep 2022 01:37:06 GMT
server: cloudflare
etag: "76ca0d76a86a965b5ced1ccfb66c0d4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnS1JoLd1uFtx6LDedOuzrnbecaRSKUwccJ7plyFxVwsUBmMm2NSNOPE%2BJ0AgW05y491NUPHUiOUvuLzl7TlsSscKOriihQ4C2JC4fHooCB36DnkR4lgGzjB67JhAFxZJLMBDq7h1pBaw3EYK81YAYc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 812ddbf33a5c2c2d-FRA
x-amz-cf-id: tTKRTqNdDGCEfV428qm0wTg5-GhMKgV8MD7uL7aHEhYf4SxHlhf6Rg==

GET
H2 200 350x230-img-33609-pemain-timnas-malaysia-luqman-hakim-shamsudin.jpg
media.bolatimes.com/thumbs/2022/05/23/33609-pemain-timnas-malaysia-luqman-hakim-shamsudin/ 13 KB
14 KB 120ms
100ms Image
image/jpeg 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2022/05/23/33609-pemain-timnas-malaysia-luqman-hakim-shamsudin/350x230-img-33609-pemain-timnas-malaysia-luqman-hakim-shamsudin.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b69f62c23c32d363eca98482ad5b3399aafad09de4bfa76c661d287eec783159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:46 GMT
via: 1.1 acee7e60faaea7b7699fe033930a0164.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P1
x-cache: Hit from cloudfront
content-length: 13451
last-modified: Mon, 23 May 2022 09:18:52 GMT
server: cloudflare
etag: "15079a016fc0d2e479f7114d1cb48f22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xW55c6KIy657XaFFG8j%2BSMYo10WMjEs47dBR60Jo1x3zpL5HkC1XjO3Gu93svaKiKDVKCzTuWk7WR2dU29xc2xULK17b5rQrWP29GfAzm1GHDzbZDU7iKRI6ZLH7VLiDiN6sjLBcwlxRsDoh910Xtjs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 812ddbf33a5e2c2d-FRA
x-amz-cf-id: R9J1kRDX5vRgaMpQB5Dw1S87diMV8DkueT3JoUVbNTo454vb_hIcrw==

GET
H2 200 350x230-img-33759-selebrasi-rafael-struick-usai-menjebol-gawang-china-taipei.jpg
media.bolatimes.com/thumbs/2023/09/09/33759-selebrasi-rafael-struick-usai-menjebol-gawang-china-taipei/ 16 KB
16 KB 31ms
30ms Image
image/jpeg 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2023/09/09/33759-selebrasi-rafael-struick-usai-menjebol-gawang-china-taipei/350x230-img-33759-selebrasi-rafael-struick-usai-menjebol-gawang-china-taipei.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3412226f2747d70f2b4c65b43f891c9711ed6dd0df58cb37d45fad386e33059

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:46 GMT
via: 1.1 1ef0a1ac6ea08b592d4639edad112622.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49792
x-amz-cf-pop: MXP53-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 16214
cf-bgj: h2pri
last-modified: Sat, 09 Sep 2023 12:39:55 GMT
server: cloudflare
etag: "70a3512a9445b845d09b32b94ad0679f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfG8uiZSTwsWhk2vHSUm1zDlNsAZhW374%2BF3TvTqPCx4vDzp%2F3a2YFEwnqgkAsGz8csYVnJ3OrTMDpmhlWvLsRzNOwJrnj33f5jn1mjdOSobZqx0%2Bh%2Fh1LkNvO%2BIVt45KlR%2F%2Ba7G%2BQZZ%2BdxBdW%2BGcYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 812ddbf34a732c2d-FRA
x-amz-cf-id: dY5ccKfhBCILWNJRaWVfmb1kuJ7zsq02Ad__soUOU-dJB9oJVqp0Gg==

GET
H2 200 350x230-img-29002-selebrasi-stefano-lilipaly-usai-mencetak-gol-ke-gawang-psis-semarang-dok-borneo-fc.jpg
media.bolatimes.com/thumbs/2022/12/09/29002-selebrasi-stefano-lilipaly-usai-mencetak-gol-ke-gawang-psis-semarang-dok-borneo-fc/ 11 KB
11 KB 28ms
28ms Image
image/jpeg 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2022/12/09/29002-selebrasi-stefano-lilipaly-usai-mencetak-gol-ke-gawang-psis-semarang-dok-borneo-fc/350x230-img-29002-selebrasi-stefano-lilipaly-usai-mencetak-gol-ke-gawang-psis-semarang-dok-borneo-fc.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b02deae31dfbeb6fe3a1a237df0f07be872bdd04f7a1142f27e6876fbbc333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:46 GMT
via: 1.1 2177a1d449a3e8dc7269040f15d81cb0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49792
x-amz-cf-pop: ZRH55-P1
x-cache: Hit from cloudfront
content-length: 11236
cf-bgj: h2pri
last-modified: Fri, 09 Dec 2022 11:59:51 GMT
server: cloudflare
etag: "5d09013f1a157d96aafd10876cc55b05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjsAA4NesY9EGC%2BOsGHxmwZz%2Fpc9l9of8VwxvGSBrNZuYKAqUpk%2F5kYYOHpJQsz%2FNFSV8%2Fn62y1sBx2A4C2GKR1jE1nMUYJPIPdef26c%2BXf%2FasxjWdvIppEecJxCDzSw9HTW0WwwD5pMBFsqsGgrB3I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 812ddbf37ac02c2d-FRA
x-amz-cf-id: x78uP72T-GMaPWelvBnR5DSDhPGlTQ584WRQ3Wm0Glx4Ez-3GPYagA==

GET
H2 200 350x230-img-67925-gelandang-kmsk-deinze-marselino-ferdinan-instagramatkmskdeinze.jpg
media.bolatimes.com/thumbs/2023/07/20/67925-gelandang-kmsk-deinze-marselino-ferdinan-instagramatkmskdeinze/ 17 KB
17 KB 27ms
27ms Image
image/jpeg 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2023/07/20/67925-gelandang-kmsk-deinze-marselino-ferdinan-instagramatkmskdeinze/350x230-img-67925-gelandang-kmsk-deinze-marselino-ferdinan-instagramatkmskdeinze.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 883a29c21486a48d72aa479ea8b908b107903e004718806406b6ca60b0782dbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:46 GMT
via: 1.1 20e88007b6f5218ef5942bc3581c73b8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49792
x-amz-cf-pop: ZRH55-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17321
cf-bgj: h2pri
last-modified: Thu, 20 Jul 2023 01:20:28 GMT
server: cloudflare
etag: "664b4d4101789cfaa8f97616ced6ee93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7qa68W8YB1rqLr4zgZvZr7ekKJiPzXPqFIc2hRDepBjyLSDPx7oBIRfZl%2FvX3tVCp5EzupXmLbU8JXhZJvvqi1rdLLe04DE%2BvP%2FVfH479n1rUjvhEx4Ml40s3Pj8eizYsbl0ebTR%2FcSggWwqLY5Ai0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 812ddbf37ac82c2d-FRA
x-amz-cf-id: xF3212Ui4vV6JgfpQdjFrPRCZYolpDIX08jluDMu-QUGRSQxe2x7IQ==

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 66ms
45ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Thu, 05 Oct 2023 05:23:08 GMT
x-content-type-options: nosniff
age: 279218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:10:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 05:23:08 GMT

GET
H2 200 my-icon.woff2
assets.bolatimes.com/mobile/webfonts/ 2 KB
3 KB 711ms
665ms Font
application/octet-stream 2606:4700:20::681a:82c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/mobile/webfonts/my-icon.woff2?a41946de4457c5476c8547c8f308bcd3
Requested by: Host: assets.bolatimes.com
URL: https://assets.bolatimes.com/mobile/css/mainv3_mod.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:82c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 677e82e25404550de66bc0556dc5607d07177827ae3a1f068042e2d136bdc65d

Request headers

Referer: https://assets.bolatimes.com/mobile/css/mainv3_mod.min.css
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 07 Feb 2023 02:59:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5l4RLRdgCI5e%2FO9hivQVdszpZAyhtKDQOHjLC63QpTmLaThKwA4PqD4UpwYjvbK1k%2F7ESuACEDBZrAM6y22N2xoMtPjOLFx2StGvtm8MWJ7Gp8VNZzK%2FXp%2BDGTA8U5Y3kN3SHdn79Ls0unr7iBlG2uu"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 812ddbf37eae362c-FRA
content-length: 2156

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 69ms
49ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Thu, 05 Oct 2023 00:30:46 GMT
x-content-type-options: nosniff
age: 296760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:07:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 00:30:46 GMT

GET
H2 200 f1npjd9l2l Show response
www.clarity.ms/tag/ 650 B
1013 B 220ms
126ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/f1npjd9l2l?ref=gtm2
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 94c02a86ea35dbd60a2359445f117d1faec01986f211ca967e52c382b8fcc0e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

expires: -1
date: Sun, 08 Oct 2023 10:56:46 GMT
x-azure-ref: 20231008T105646Z-vek62vzeqx0qvbtzsb4a65tvr400000001mg00000001n0mw
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 426 KB
87 KB 579ms
579ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3002712496637030&correlator=3680254186607067&eid=31076405%2C31078637%2C31078611&output=ldjh&gdfp_req=1&vrg=202310040101&ptt=17&impl=fifs&iu_parts=148558260%2CBolaTimes%2CMobile&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x100%2C320x50%7C320x100%7C1x1%2C1x1%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C360x85%7C360x88%2C320x480%2C320x50%7C320x100%7C300x250%7C336x280&ifi=1&didk=3103464748~1559969270~3103465670~1322788908~1322788909~1322788910~1322788911~1322788904~1322788905~1322788906~1322788907~1322788900~2690852759~2793123867~3019867852~1548010724&sfv=1-0-40&ists=8192&sc=1&cookie_enabled=1&abxe=1&dt=1696762606669&lmt=1696755406&adxs=-9%2C643%2C0%2C650%2C650%2C650%2C650%2C650%2C650%2C650%2C-9%2C-9%2C-9%2C643%2C640%2C-9&adys=-9%2C1123%2C40576%2C2897%2C5229%2C10576%2C15943%2C20682%2C25421%2C30160%2C-9%2C-9%2C-9%2C3147%2C240%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C-1%7C-1%7C-1%7C9%7C0%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.bolatimes.com%2F&vis=1&psz=0x-1%7C314x-1%7C1600x40575%7C1570x280%7C1570x280%7C1570x280%7C1570x280%7C1570x280%7C1570x280%7C1570x280%7C0x-1%7C0x-1%7C0x-1%7C1570x180%7C320x0%7C0x-1&msz=0x-1%7C314x-1%7C1600x0%7C314x180%7C314x180%7C314x180%7C314x180%7C314x180%7C314x180%7C314x180%7C0x-1%7C0x-1%7C0x-1%7C314x180%7C320x0%7C0x-1&fws=2%2C512%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C2%2C2%2C2%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=881353073.1696762606&ga_sid=1696762607&ga_hid=1272748223&ga_fc=true&dlt=1696762605690&idt=939&prev_scp=pos%3Dtop%26page%3Dhome%7Cpos%3Dbottom%26page%3Dhome%26refresh%3Dtrue%7Cpos%3Dotp%26page%3Dhome%7Cpos%3Dmediumrectangle_1%26page%3Dhome%7Cpos%3Dmediumrectangle_2%26page%3Dhome%7Cpos%3Dmediumrectangle_3%26page%3Dhome%7Cpos%3Dmediumrectangle_4%26page%3Dhome%7Cpos%3Dmediumrectangle_5%26page%3Dhome%7Cpos%3Dmediumrectangle_6%26page%3Dhome%7Cpos%3Dmediumrectangle_7%26page%3Dhome%7Cpos%3Dmediumrectangle_8%26page%3Dhome%7Cpos%3Dmediumrectangle_9%26page%3Dhome%7Cpos%3Dmediumrectangle_10%26page%3Dhome%7Cpos%3Dexpose_mobile_1%26page%3Dhome%7Cpos%3Dparallax%26page%3Dhome%7Cpos%3Dpushdown%26page%3Dhome&adks=2302452171%2C2814197318%2C2063847690%2C1584674585%2C1584674584%2C1584674567%2C1584674566%2C1584674565%2C1584674564%2C1584674563%2C1584674562%2C1584674561%2C3092760079%2C1227964173%2C3632274387%2C1089493349&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bdbc1eb98f5f8d1ea70977b0c83e3b8ae2406c064f3455d8ff74704d8bd322e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89080
x-xss-protection: 0
google-lineitem-id: -2,-1,-2,6372424759,-1,6382544580,-2,-2,-2,-2,-2,-2,-2,-2,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-2,138449487578,-1,138447712306,-2,-2,-2,-2,-2,-2,-2,-2,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bolatimes.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 895A 6 KB
3 KB 105ms
28ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 10:56:46 GMT
expires: Mon, 07 Oct 2024 10:56:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
223 B 26ms
26ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1272748223&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bolatimes.com%2F&ul=en-us&de=UTF-8&dt=BolaTimes.com%20-%20Berita%20bola%2C%20Jadwal%2C%20Skor%20%26%20Liga%20Eropa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=671531260&gjid=1283058918&cid=881353073.1696762606&tid=UA-115461612-1&_gid=431206431.1696762607&_r=1&_slc=1&cd3=wp&z=1546888225

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

35e68c9e35c407bf89ac4d4c52a97a66a68be0834358b72678d89252294aa005

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bolatimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bolatimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 27ms
26ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-115461612-1&cid=881353073.1696762606&jid=671531260&gjid=1283058918&_gid=431206431.1696762607&_u=YADAAEAAAAAAACAAI~&z=906835620

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bolatimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 08 Oct 2023 10:56:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bolatimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
91 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R6NQQ7RXT0&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eae6ec35271b5240060c11bdabd4e0f3308cd981d4822da9734b4667df33cb27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 08 Oct 2023 10:56:46 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 95ms
47ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-115461612-1&cid=881353073.1696762606&jid=671531260&_u=YADAAEAAAAAAACAAI~&z=1171237503

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 94ms
94ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-115461612-1&cid=881353073.1696762606&jid=671531260&_u=YADAAEAAAAAAACAAI~&z=1171237503

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.12/ 58 KB
25 KB 50ms
50ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.12/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/f1npjd9l2l?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 977a886e5d9068b3ed8dde6e511ca22ccf44cbed7fb881d0b8b74619fe462e21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:46 GMT
content-encoding: br
last-modified: Wed, 04 Oct 2023 21:58:30 GMT
etag: W/"0x8DBC5250B8892E9"
vary: Accept-Encoding
x-azure-ref: 20231008T105646Z-vek62vzeqx0qvbtzsb4a65tvr400000001mg00000001n0nd
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f9e6fff7-801e-0005-2c05-f9fc00000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
297 B 618ms
353ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.12/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bolatimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Access-Control-Allow-Origin: https://www.bolatimes.com
Date: Sun, 08 Oct 2023 10:56:47 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 sdk.js Show response
connect.facebook.net/id_ID/ 3 KB
2 KB 77ms
21ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/id_ID/sdk.js

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b0d8d7b02ba866840b7efdc13935087a1a24133108a3ba8e83bef6ce83b17e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 08 Oct 2023 10:56:47 GMT
content-md5: HrEoC2rQxX8fwqklpNngqQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-debug: CPd6gSt8PspWkZkaOTrNPqdTYn2HH3xS774gul+32ITmTUyLZnxNK/5uun0J5EEXmHYwFD9yDNOfGmcM80HvQg==
x-fb-content-md5: 6363113e342891cab55644e16554b347
cross-origin-opener-policy: same-origin-allow-popups
etag: "f5eb6db461cebc8c85595d9254020cfd"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 08 Oct 2023 11:03:15 GMT

GET
H2 200 iezfz86x3h Show response
www.clarity.ms/tag/ 677 B
932 B 157ms
156ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/iezfz86x3h
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b72047e106d8af7cd4e767569535ab3761130c42e32060d5daf940ccaab6382f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

expires: -1
date: Sun, 08 Oct 2023 10:56:47 GMT
x-azure-ref: 20231008T105647Z-vek62vzeqx0qvbtzsb4a65tvr400000001mg00000001n0pz
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 677
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 bolatimes.com.1520395.es6.js Show response
jsc.mgid.com/b/o/ 327 KB
97 KB 692ms
692ms Script
text/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/b/o/bolatimes.com.1520395.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/bolatimes.com.1520395.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

817c356f21486b62d62a46a0cb5dcc6a4899e18d091d06a28472fefb54c0c15a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
x-amz-version-id: 1DiC8jcQnOUVLqgui.MVaFkDPm9MOGde
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 53PTXP419KETKR1B
cf-polished: origSize=334582
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: VEx1GfDvgQBX2fEBqriVcAr4cHB/2OixmN+xcCfvBvJ6/KmX9u4ocWx6HkzBbpWCXRSGFubjP8EHCvxM0GoLWg==
cf-bgj: minify
last-modified: Wed, 27 Sep 2023 12:16:47 GMT
server: cloudflare
etag: W/"af79f37a39768731f728643e20faf91d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 812ddbf71bd8918c-FRA
expires: Sun, 08 Oct 2023 13:56:47 GMT

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 318 KB
74 KB 37ms
37ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/4884cdd3865bfa28e0cc689b8cb854f5876ffbde.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a8f6b9d1ced96d2b4087dbcfcdb70fec9c1111a5a4588642e35b9c571884941

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 06 Oct 2023 11:10:02 GMT
server: cloudflare
age: 171982
etag: W/"651feb0a-4f9ba"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1382400
cf-ray: 812ddbf71d8935eb-FRA
x-xss-protection: 1; mode=block
expires: Tue, 24 Oct 2023 10:56:47 GMT

GET
H2 200 /
api.realtimely.io/c/ 0
329 B 60ms
43ms Image
text/html 2606:4700:20::681a:14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.realtimely.io/c/?p=%2F&u=no&s=no&h=https%3A%2F%2Fwww.bolatimes.com&r=&sid=BOLA&t=BolaTimes.com%20-%20Berita%20bola%2C%20Jadwal%2C%20Skor%20%26%20Liga%20Eropa&qs=%7B%7D&cid=12607176
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:14b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8FKwiEcMZzufFmNAos%2FAcyCAeHGowI3vxaGn0%2Bdl2Bvpmfrcc6CAUgtDL51gzRUIVnBlssNymFXoD7DpYUYv1pnxkiGMq9sdnysppRLTlhiFZ6rHz2xPlry%2Bj3W1lSDYaFOYpSSiiqlC%2BkwwQNX"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 812ddbf73b352c4e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 container.html Show response
0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E826 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 10:56:46 GMT
expires: Mon, 07 Oct 2024 10:56:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3357 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 10:56:46 GMT
expires: Mon, 07 Oct 2024 10:56:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 28ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-R6NQQ7RXT0&gtm=45je3a40&_p=1272748223&cid=881353073.1696762606&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=3&sid=1696762606&sct=1&seg=1&dl=https%3A%2F%2Fwww.bolatimes.com%2F&dt=BolaTimes.com%20-%20Berita%20bola%2C%20Jadwal%2C%20Skor%20%26%20Liga%20Eropa&en=scroll&epn.percent_scrolled=90&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6NQQ7RXT0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bolatimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4CAC 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 10:56:46 GMT
expires: Mon, 07 Oct 2024 10:56:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2C5B 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRxEGw2DnanEr-4aRIhZ1on_7GfSlXFZ3ZeNkRvjrLjVSODJgm3WP89YAx4hhz1lv1se6Vp1DlNXzl5SEXKYiDCpSsK_vtElMKoBqq2Bwrl--AsVEQK_BTzTTi1BUjvwzXD3MJglpZSVkb-aY1tArejczqpYUMDxhyE6f4_llmR8HessMTNDcPbbK4gRGEuDTfGZROsx61Ntqz-x7b1saMXY-8qBdAwSi5PBzttux8E84BoIn13PizKhnIwm2h5NAydXnzngfpJPpqbfUHuK09HDQf_jXOXNjxJurtCgfcI3zw2Blpa4m_TH3cGjx6kWRT14iaEhbtlL3irRdBsZfohvsc4AGhBdCTiATTrg&sai=AMfl-YQhaD0yaJrMys9UoPFLVRG-TA5DPXhjDltD-OQ2kpYOgoLWVArdr7Ujkze4lwAgQSv6cj0WYpakRUl1YhLvLqnKaYhNdlMdK1UguvegJPEpxC502kZIiJ9Wp2MYw4x5xco424G5ubAV-3aqj6b1&sig=Cg0ArKJSzN2yKDuuhPpiEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 08 Oct 2023 10:56:47 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 2C5B 23 KB
9 KB 64ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sat, 07 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76800
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:36:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 2C5B 3 KB
1 KB 67ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sat, 07 Oct 2023 21:39:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 21:39:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C5B 187 KB
59 KB 85ms
36ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Oct 2023 10:56:47 GMT

GET
H2 200 4776213064165889230
tpc.googlesyndication.com/simgad/ Frame 2C5B 46 KB
46 KB 68ms
23ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4776213064165889230

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40e5ad82e953ba7aae04c19f915981f2d8474dfc289466d6237faf009abc2cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Mon, 02 Oct 2023 11:22:57 GMT
x-content-type-options: nosniff
age: 516830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46692
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 10:26:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 11:22:57 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309181453000/ Frame 5215 223 KB
62 KB 94ms
18ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Oct 2023 22:17:54 GMT
age: 304733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62203
x-xss-protection: 0
server: sffe
etag: "59b685ca39a652ba"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Oct 2024 22:17:54 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 5215 15 KB
5 KB 130ms
54ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 12:23:54 GMT
age: 253973
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "38a16d64b8e81628"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 12:23:54 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 5215 94 KB
28 KB 132ms
57ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 00:09:37 GMT
age: 298030
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29033
x-xss-protection: 0
server: sffe
etag: "ac3d68f1a1bd2015"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 00:09:37 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 5215 5 KB
2 KB 138ms
62ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 06:28:23 GMT
age: 275304
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1919
x-xss-protection: 0
server: sffe
etag: "93680ba5e670b6a8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 06:28:23 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame 5215 40 KB
13 KB 138ms
63ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 10:08:35 GMT
age: 262092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "6bacf375b2677883"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 04 Oct 2024 10:08:35 GMT

GET
DATA 200
OK truncated
/ Frame 5215 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4c5e27fc963fc2e305676877f0a878895401cb73e4b0f43b513c356cb991bce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Content-Type: image/png

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3999585703923981492/ Frame 5215 163 KB
163 KB 70ms
52ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3999585703923981492/downsize_200k_v1

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f25d45fef15a19a0ca5c6ceca5853982dc4a7f2dedf315fcfc4c7d5ea5a24a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:19:23 GMT
x-content-type-options: nosniff
age: 2244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166558
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 13:42:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 07 Oct 2024 10:19:23 GMT

GET
H2 200 id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5215 3 KB
3 KB 40ms
22ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id.png

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 06:14:16 GMT
x-content-type-options: nosniff
server: cafe
age: 16951
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
expires: Mon, 09 Oct 2023 06:14:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5215 344 B
474 B 39ms
22ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 14306
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 09 Oct 2023 06:58:21 GMT

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame 6012 4 KB
1 KB 36ms
35ms Document
text/html 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bolatimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 1773936
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 812ddbf82ea435eb-FRA
content-encoding: br
content-type: text/html
date: Sun, 08 Oct 2023 10:56:47 GMT
expires: Wed, 08 Nov 2023 10:56:47 GMT
last-modified: Tue, 07 Feb 2023 10:27:13 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 2C5B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea03a999b8433a618cf9396f440bc28c2170c56cd0687c0b84e22ca5789cd5d6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 524E 624 B
577 B 118ms
66ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGJjN8OwBMAE&v=APEucNWc9DveIBm470d8YY2DZO5x-8ejq0Ddighw6T06kbV9hhCAC2Zl75WMWR6vCuLcDQeJWfViNNQ05ced7U70smUURfvHFTzVj4er3Jm1GJCTOMlN9f_CP7a2MKuUmetHmEAaWPFQbFHGunCjOJ7CXg6aHbdlq98-FI7dEXFlgcmUmRQfD1E

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 10:56:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E826 89 KB
31 KB 143ms
86ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 10:56:47 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E826 42 B
401 B 112ms
56ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Az854Xm9bxLOAlmkrx8U6BLcGoZGmOI7Oi7iIB4mNyyhcxq4rG65aGGX-PIkSSvgU09_xDF2vf8Mi6h63ttonvQZUfMpQ6TZ3rSbBprYuHsYO1sds

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E826 0
58 B 112ms
56ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17876430472103872448&x=1&ct=76

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame E826 3 KB
1 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sat, 07 Oct 2023 21:39:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 21:39:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame E826 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sat, 07 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E826 187 KB
59 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Oct 2023 10:56:47 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/id_ID/ 304 KB
86 KB 46ms
23ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/id_ID/sdk.js?hash=95191a3586272eceeb68ef3bd062acc8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/id_ID/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7898cbdb9f85256c3faa4087495ba8efd913651310ff3a38ec09e403bf250c2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bolatimes.com/
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 08 Oct 2023 10:56:47 GMT
content-md5: 5nUFoc7XOLloUPr+Wb5fIw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88162
x-fb-debug: o2hpBEJftHEaLvhUDjolJx5s8/ozlYiVX/jYDo8BM5xxOaqUCtamJ8+NocyhP/zb4B6DoKQF4MQKJn82nQIQow==
x-fb-content-md5: e107ccde158787082e74db3d5231c114
cross-origin-opener-policy: same-origin-allow-popups
etag: "af841766a69a037576da8272bc285df1"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 07 Oct 2024 10:28:58 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3357 24 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Fri, 06 Oct 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 188558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Oct 2024 06:34:09 GMT

GET
H2 200 87492-lms-300x250.jpg
media.suara.com/pictures/original/2023/10/07/ Frame 3357 85 KB
85 KB 99ms
34ms Image
image/jpeg 2606:4700:10::ac43:f6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.suara.com/pictures/original/2023/10/07/87492-lms-300x250.jpg

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:f6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74981cb09dd218c19461cb24e26866c319bbc5bce587f22aedd218469ececc79

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
cf-cache-status: HIT
x-amz-request-id: XPJNXVBNF47JJKEM
age: 74504
x-amz-server-side-encryption: AES256
content-length: 87012
x-amz-id-2: /OV1V5XCIqlCav2eAVM4ZAyiGZlZLXAPSnVPNNdcsn6Xrq3XsGwXvGA6p67z9suoK1KZY4vnbjg=
cf-bgj: h2pri
last-modified: Sat, 07 Oct 2023 13:32:27 GMT
server: cloudflare
etag: "5e47cfaa01649115be43992a8a17f7b7"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 812ddbf94c6c2bf5-FRA

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3357 187 KB
59 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Oct 2023 10:56:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4CAC 8 KB
879 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c96d78e994736f78449cabb5f36989a38a6f1f5fd98473488ca6a22bf4e1e89e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 10:38:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Oct 2023 10:56:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4CAC 5 KB
791 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f8af653199669ec9c5aa0ae56efb4d010ddbad370d27100ee9811058f1ded31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 10:02:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Oct 2023 10:56:47 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 4CAC 35 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3be61af8ca1be1fea37c76d6fcaa4c3076fe975ceed168c92f786f19bed21392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sat, 07 Oct 2023 14:02:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14046
x-xss-protection: 0
server: cafe
etag: 919080172339299441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 14:02:58 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4CAC 24 KB
6 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Fri, 06 Oct 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 188558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Oct 2024 06:34:09 GMT

GET
H2 200 web_video.js Show response
www.gstatic.com/admanager/outstream/ Frame 4CAC 344 KB
119 KB 96ms
31ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/admanager/outstream/web_video.js

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51003b78d5d1f9a4004c95583d27f9a3d90c58255bbe4db1251dd9615a1d0ee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/drx-mobile-serving
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120967
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 27 Sep 2023 17:54:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="drx-mobile-serving"
vary: Accept-Encoding
report-to: {"group":"drx-mobile-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/drx-mobile-serving"}]}
content-type: text/javascript
cache-control: no-cache, must-revalidate
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 12315447407658233084
s0.2mdn.net/simgad/ Frame 4CAC 24 KB
25 KB 97ms
21ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12315447407658233084

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b16802d382b669e0d5e2c5c44b7d1269334df341650d62bf895fb10f587b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 04 Oct 2023 14:32:23 GMT
x-content-type-options: nosniff
age: 332664
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24639
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 15:01:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Oct 2024 14:32:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 4CAC 23 KB
9 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sat, 07 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76800
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:36:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 4CAC 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sat, 07 Oct 2023 21:39:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 21:39:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 4CAC 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sat, 07 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:33:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2C5B 0
0 101ms
57ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuupA-4JxpPBVhnhxIakfbVioerlYT0ldwm3wAtrR3gephgvESJbvZQc8khJj3DJZvX8evw56sBQr_BaVtupha_Bf3g6E0UbNcPNoH3K4apYqPont28zeWGjy4rAPMwpa7nrk-XJ_qfeCrXdjNMhivp6b3mNm0eeRCQ_yDS61wrwHiarRbM0JapZxCYlZ6RaycsWCXgVQsiMq0oOs1mMd9PwQzfnKMJXnFG9me1C-SKV4iUnaHSKc-mrMVXH7FR6Y8tpIItPpksuUOFb35LwQtzFqDcx6sq5OJeQce-MprXWRyn_KhY1A376QP-kDNrkjDaG0To0vDCI1IZWNlRujd1sw&sai=AMfl-YS2LCeFHC5gX3Lg40Z2lLQw23QRaLPWVuIp7gdHb3lNeT6NSLYWn4lj6Q85tdhhskJVvzm88XTedf0NjH1FulDJ5mXiym-KI6GipGPNjKmHvHDka1J5MoTdxzH6EZxU2Yqp40acE5wwS-H7km68&sig=Cg0ArKJSzHm-EmDz80MMEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 08 Oct 2023 10:56:47 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5215
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

34ms
33ms

Image
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Redirect headers

date: Sun, 08 Oct 2023 10:56:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3357 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzZGyVvHAZez0sN4fRRsmHcKLR_eQzDRYbXXtn47viPnqO0ijAEYaUf16HuJYtQJ3EKiSqn0rtE9tgkXTiD29Vie04copeIIQk6wKoUA7wBtKWEpvmJd0rIV5fVm5naz3hnlCcBTVfCrus1-Ipkot43zUUaEb8T8i93CLSlGjSFoQvIUnAMpoexlpMbO9x_Q1XZep0xp_5bAttfa7AyHqrcX5dJp7XbzjB9x40KcBEZ_Y2OG9bYb71fkUA-cHHWHAAeG9aKoBFXuMGv27xCwbZMOzbA4Izt0NmNiW_sLQ5HoZIn8k9WOedBOQcXbcEX0BZrOiF_yvamHOQpYVCrcO_Zs8BxZYujivb3f7vaw&sai=AMfl-YSwPv69VT526LidNhD75Z8A0lZeV9vg-3ButpS8lUJv1W89qgSUywq_UCOGZzfIFaH4l8N1Sh2sRQoheC89pGR7AAgpqZyOfLDyydLYoWwsNfrEew4X7_B6JPg3SvyhxiGrxE-I1jV-JN5xhZSg&sig=Cg0ArKJSzCRgx0KmlkgkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3357 0
0 57ms
56ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvUslwEr-yCaAWR7uSf-HO_8IsDv7SOIqc1OaVtQCJEprIvv9Y7Q39XX835SIPeQe6iv5MJjvyYHS7VrwmFhor0KnbWtUR6Y-OgVxWXAdbdv9gteaW9p-mj8XsONeQwynXw4LBoRzwWq4HREWtTYMIGQHlsKF1Ekkx1pQoB9TezaOnMagR0mB0vi2KenVprrs7FMGrwXjlpvAMHusr35yH-LzSnnUYfyr4pO_1yQvQ9B9iO756hovFQ1ZLzzktJIh_OnjlmXlPMir425gQ6rA38OoVQ0J6a-zcGs2133E6bodMv-w_5vqHbTmfSsAivC_GlFiKUwLNvJ77jYXmo0FddQ&sai=AMfl-YQd-DdGsNHS8xOi5YB0TsvuERhQEBkWML2Bzj3qMDZ6JZqq1VQEROefsO7VzldVu-k9Qebe5A58zwbTkgAZf-kYKQrcXRLfJc_Qr5p21lHZIY-AdBpZGNqXAc4MgS26pRWGBbrgsN0P2VovQzIJ&sig=Cg0ArKJSzOAsLkdk6oH_EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 08 Oct 2023 10:56:47 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 524E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK48XmDyo9hvR1L36N8RFnE&google_cver=1

43 B
345 B

42ms
41ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK48XmDyo9hvR1L36N8RFnE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGJjN8OwBMAE&v=APEucNWc9DveIBm470d8YY2DZO5x-8ejq0Ddighw6T06kbV9hhCAC2Zl75WMWR6vCuLcDQeJWfViNNQ05ced7U70smUURfvHFTzVj4er3Jm1GJCTOMlN9f_CP7a2MKuUmetHmEAaWPFQbFHGunCjOJ7CXg6aHbdlq98-FI7dEXFlgcmUmRQfD1E
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqxHyJ%2B18%2FygoCrKtepwNDdq8r62CMFA1CsjmxxKYKJ6%2Fw8z3PXA4WaIILAsE%2ByT0Syky6tC%2BC8Fxm2rgDgEbC1wgFtTf%2Fv7BxPYsR4wuyZpuERn8%2B%2BMRIG7TTae81qY%2FdUoLX9jefjtig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 812ddbfaac5e0374-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK48XmDyo9hvR1L36N8RFnE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 524E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSKK7yWiSeI8aJUwARUnJQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK48XmDyo9hvR1L36N8RFnE&google_cver=1

43 B
779 B

38ms
37ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK48XmDyo9hvR1L36N8RFnE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGJjN8OwBMAE&v=APEucNWc9DveIBm470d8YY2DZO5x-8ejq0Ddighw6T06kbV9hhCAC2Zl75WMWR6vCuLcDQeJWfViNNQ05ced7U70smUURfvHFTzVj4er3Jm1GJCTOMlN9f_CP7a2MKuUmetHmEAaWPFQbFHGunCjOJ7CXg6aHbdlq98-FI7dEXFlgcmUmRQfD1E
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3w3WdxE%2B%2Bn%2F4%2FGr5THpesprc8R%2BOJxC%2BMfd0Td%2Fe8LNzU90jT8i4jgTLNR6QVhOKewhKySXZgkpjTLldDMWL5fGKPfs92E%2F104wrkNugSO%2Bev01zrquYpqej1D8Yx2FuO%2F1GL83MVSKsw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 812ddbfb2e4c19af-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK48XmDyo9hvR1L36N8RFnE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 524E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK6McrBGPlVcQ3F0EVpqmAg&google_cver=1

43 B
843 B

29ms
29ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK6McrBGPlVcQ3F0EVpqmAg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGJjN8OwBMAE&v=APEucNWc9DveIBm470d8YY2DZO5x-8ejq0Ddighw6T06kbV9hhCAC2Zl75WMWR6vCuLcDQeJWfViNNQ05ced7U70smUURfvHFTzVj4er3Jm1GJCTOMlN9f_CP7a2MKuUmetHmEAaWPFQbFHGunCjOJ7CXg6aHbdlq98-FI7dEXFlgcmUmRQfD1E

Protocol

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:47 GMT
an-x-request-uuid: 16a4a4ef-cd6c-4368-b92a-7f94b16fd39a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.22; 217.114.218.22; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK6McrBGPlVcQ3F0EVpqmAg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 524E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI5NzkxNzMxNzg0Mjk3ODM4NA%3D%3D

170 B
243 B

31ms
30ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI5NzkxNzMxNzg0Mjk3ODM4NA%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:47 GMT
an-x-request-uuid: 512244fa-dd17-4b1a-a8dd-f61736dc58c5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDI5NzkxNzMxNzg0Mjk3ODM4NA%3D%3D
x-proxy-origin: 217.114.218.22; 217.114.218.22; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3357 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c74fdb850c236f9c4d37617751eace1f3f22eb0886b959278b399aee0d4450f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Content-Type: image/png

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E826 0
56 B 54ms
54ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7485266594741&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E826 0
56 B 54ms
54ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7485266594741&version=m202309260101&ct=76&x=1&cor=17876430472103873000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E826 90 KB
37 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COjCbIB4zhvcpKDCOAKhTnz3aDTeMz4xr0OMo2WwesQfprsn52w8GgL0-c08JUUHFuOOBIT3ZlIN446Y6gseJaRq1k-Q&cry=1&dbm_d=AKAmf-B6i3-uYDQhKta6VXqDdd7ixwdvDILb9U9_OC7y2NJNaz7I2tvtEDi471a4A6tpuctGPCxS2-FtX-7LT4fI43zW1lsaHy29dqm_Bjtw3wIXdSn2Rkowa6ThkvquqfN7KYDVNaDmlGk8gtBJDQUnBO2Qz5EN8kZ0Q1JxIgxuCHet5DH9LTqmmXHp3N-gn9PvubKjrQoiHmTna2qTpOR-DNao60vTc9Wi_dcoWLmLcpx8AA1pzYP_6h3ZaSEG4ERIKvQLfV-1HEYrwCrq_HMZuLjrt6rcpKVxKxUio7aG8edsq_He30TdJfCnd6o81QnXugjX96RC7WbDwmE1RsDEdf4XeiH5XQPzUHzwQRLrx_OrSolZelHZzy7NMSTsAH-XKvO5T_a7h_wQ8wWkt89ka22GNmHSQU5VHMg4xgBYzoFRBIag3OCxqP9FEvgKiXyxWkW3yYV48HJXypKdaskLjEQsu8uuzyqJo9TV2nMvrtIittluR-j7oyDIkEz1sPWYbUAatavO4fpMrcpg_LBn0eW3OBot2P6yE3J4m1kCpHH9hRDzyJsGSfa3XSpKgCtEylUffiLs0QLLFBLeeHGFcX3NK9TqlGWRxL9iBh7c_vNZyNpc1dULfSeJQNOQbR2CrY43OSL4_yS-fRFmRzndUIqymeMg-kTdN3fAnY4XWdjtFuKpRYIS4hEJNoTbtl-_3YtKaPkJao_v7QJf5nKU71dIzXOD7Psvi1fY2O7SIMpP6tZ_VCI9jD7Ux3Bt94SxtQ8SKxJB6_sREsMByzPMVU1BOttg-a2A9hdi81GWiey-AXQiOBmKBu17gRWaEtkd1uxlNvC7Q2ewMaudnqznIuS_tJj2ZNK23-FIMQDBK4XDhHtZ__NOqAgt8urUKPxvh4Nb12iw0OhvLBvMwDXcIIB9KDwKIOMoBgBk917101z9ebRpeZ2F8NouxjtGr6ijR_u5auyZ40coHoSezZlOjHiUhekrU3Rv6S7FuFu5vKjy9sTK8mEpV0GDQtkmmc5c7GgQ4LPK6Z1dWbvA15qvlc8-OQo70sU96fghUXaGDUjjPGjlAducAffvV-RhStvSQ3WlgiKOkfuoKJwpmVfw8Eq0SQ1bgxZrS1JQUoM-N1UKaX8TNXVVrI8JjGtasWmbwuYgB3ngfjJHGxsDShySvTU-rW3AZmBX570iwD_uFdwxmeOZwqSuKMe5fq0BRDxrqsDpKd7_KAQA5mYGkfRyY-WQvKYHl0VN8NNG3-2-zAe5nOUDU_Q3ytBOjWFCiEW9IxM_ye1mCiVrP67ALSlsBnAb_eDwEDQrFb81EtN_noqCUstt9cWHM3gttn_TvD1LYlOhtpSjLFlbwLrxwRnkIsj-gVJzKtLKh-a-DIHtsRs9f3pBZJ4cz1INQ4NfQu1kbXrcZMHQgffGX1A_5-LF4OxHs8m3n6sKTX5UTRitBPQVqQKfW2eKyxnY5xalcjz9dFbWteX_QMM9ljoPAzHhSRZNIS0ckVSDJ3HqViBdskuaN-tA1tf70x00a1HnIzih1cfIoW4pAcyO_uef6JCSvkQWFaz3GlIkPMrD49yhn_dPx5vWdIRGhfHoqmGwk1dlBuLrrQUSx6YF7N9PJBiR2OkqVp5m_-vv_Dz81pUyDC0lyy0DEO7bL_0VtgsLlb39XwiiJp-rFxXALiQrBhcvkYdzpuzMn88aj7h3SN-SUgWQqRofVJtDUNAQrJNNvXq8KV0PmQbRdiMinSCx8tWvbwsBHerYOPLRg0vHecQfMIHKoVuW_fVkNLa9QWwykA1j6WN2nr7Fepggypzy61ecDGs-VON1_bym_IPkUWW_N4lOFxp8TL9r0tvcH0Xwb2IAbWedSXcKqDwID_cUSWm5ZbtT5iq1SbbWuVaSXy1bZgWQ5H5RgLPjPbbnGj4MLSgwrruEFiwiEQvOso1Is-kV9W4aHfRTv59Q3two4l3qvu2jZmtUae_0e8b3QO7cFORAWASoFxvx8QOMFcn0MFYtt-Ao1U5m5dpVaDk6mbjCO-3EBRUsM3pCLyPORdyExmCsTGwWJXif_BWbuLntaPBR52P0xtX_lWlz8duOHZ6RypxZH9QDJ15U_loPK1GbBkVSTo-4V_96uoMBvEHJx_xW7KdhDd-H09Z6LNmen6lcVp71Cr67VLvM06Gj12YcuoZnipkuz0EcB19zuj71wwGyv6ac2IjH9is8rfccv8GWyad3xLZCD2Q4hN6h9huucL2B5FZSzD-pb8t6NFrDwjuovzXAY6ivcWDaYWMgrPqpiQJr0ZcKIIoFw_r2Nm8obnE99CnJO6IiTTxXhOqduDhQxK_vW_Dr0n0ZqofbLFaa22KSEPJs148YkmaIUNZB6F9Pax9fK3xWcd-szzry2QZ0qYAmY29JnXyna6mdzKgnXAsAFHpNAlD1x2I5GcwRpiRvqLSm-0S5irkZcRUtrP1haglARrOwEg4YJLbXQ8b1NvJGxdCE7YHe1l2Ia72dRYMkk__C_PeNsKV0heFLF0meNSiSkqUkQDPIXX99rZJdc1BEMXv2kq2wXCIVzo-3PdqE8baz9XLoakSV7Mcrih0VN7IPeFXXSKMJx4D-wxlmhAsPW7i5OaVeANZyiQ7PErKo1ZJ3F0t00DX5RuswbiDDS94UlcYowMbn7xxRV-8RKCuVp5ZtBVCpk6Mzf0cKHiWDvx7o2iKKDhPsQGLrWX_hLAgyYwhJrYUe39iLkYAYdf4oItqiaUZP2Rnrz1looQsLnES-K5nojYDXVvSJSn0cMYV_mXVYqMTqZnmJauCRN-xvvBEMAqop8U6Ey3jSPkEHx73keo74mOSeajXON1FnczuO1F_SIDvWwwn0tKUkruBJ84INCsg0DtfN3v6GWuAvzxKU7tJE0yMl26OPhyBRPJsIiy8nPiTn3uLgra3i78Ii2fps00PUWMPBNi3J2Hd0D1QzvOwjc7vf96gluF_KUoA7fZ33MeIAu_3gfkhpI25PYtPaTHP68IbVWPsCQa1Jb44JFMVc1qnlVCLLHIgjyQEUPujoDTtcEcj77YXHFXwuTRlJBRNyl860RSRSCYsxegg2mcJ48wnVhdmBMcAUH_Xz3A47yd0U3PaIjDorEmwBheBji_2sgptgN2M5y1ivlIg2x0ECVF93NRc80QWoAYnKLSWJl03leqXuI7rAnXpspv_UzrYlzcy51SokF2DdQ3sIBk6z3q2hMoWfjl338HAG0HEnq5IBhXM4kYbWGGFUjAXtGX145fNwWzdr6EmOTfJrRzIBFp2hGtD5V9_Tne5jODD8-KlEf5CfM92zcl5o-GW7EMSrTkZ-YXVOWWH4rdw_oBWUSFXLs5p1xTKVZ1vMmBZg3uLQoaJBY6zSER20K0Mio0vp_EjnDxqx0T7j3h4xdKVS_eKtrR35D3OS2mQflIUyonO2dFClGjSycHIFzgIWOy2grKvyumj3OAbWdVsAQC-HIORz9NQ7EMnB-tQYLpd5ZQRf6vrmpUvEF6l279GtDI1igfKDUj_XZrN_ZNuUyt25tLFG0IzuR8ar2W50VI1F6igagRGuI7nU3MC2NBzCCvLdvHLSAtZpQ6_Xz1iEZ97jmS10mWogEovUfcoay6BTDDrcc-Bj4wMo3Xs7Zbe_YXtQQADEN4ouuE6cr-q67TnYo0Z5q2PZHiLq-UAibzp2RPePjcJUFCrxoPJeN6dBTEysctmPHGPLZw3DqnNXS3iDsG0wBvGIbVTJFaZ72AM5c_g2xKCs6g7xPzunZi2EWocob9JKkZpamciIywKcsJeNT07PyCGpqQQTMg20TMjOu9YeMIhI9GihOGSEBXwiuLD3MnAQo1MdCA-y9zeKf_2kMGeterADHLg3jZwz8gWPQ4NWBgAVrRmku20fYqB8466bU8tseHGsEze-uFXnrU4k&cid=CAQSTADICaaNPM8SDAn0ifPDcYFkj_GjYEr3tSZt_o1uYU_7Gq5iXa0s5z_JWjREwJCqY6BIS7s14BDGFi-lYVf97nLLbsYPcQiUczwMbVwYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bolatimes.com%2F&ds=l&xdt=1&iif=1&cor=17876430472103873000&adk=356101037&idt=169&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d627cb536ab6c40fda9104eeff862acb873ab09aa8af52009ba658291b2fda26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 78C2 143 B
166 B 19ms
18ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

age: 2909
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 10:08:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4CAC 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 419d893194f69ac2db2e074e5080893756f9dd61824311b40fc29d7a5150c93d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5215 0
0 66ms
66ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CqTAw7ooiZd7ELoP1-gaNwa7YAe3sj5hyoI6G_L4R57y50Y4OEAEglKSmMmCVip6CsAegAaq-4oYDyAECqQLOG7AQ3cKxPuACAKgDAcgDCKoEtwJP0HqxHdONXjWjyIH7Q_T-HnTCWOpvU3BXH5lsD6MiY3-WjoUzolrsf1smyEnrtnpjWmAg8EhHPOt3wxQ0jgSegxyXqmdyc4NvSCfIJ52OFJDbq5D9Cwnnv8kVwACxqTTKhrsezMkK4KQeKcU1zgV3dCuYhh91H6lqImpKYMAqdWInl-Ysiu5OL-R89uRGA5DRuehpHRjr1k1qlEQaRfls28u5e5WaLJU0V_0PHoYwvvTQt7OZKLkZEr4gVSMWJ80y_TirviiULD8r1DWgzORqi2-mCyHDFPC2kCvBt4zMAvWtn9CRBUM_eo_BcIZ8Yq2TAGLrwowyAfwKfHeMk8icvDmEFq0sfHbtdOAOI9IK0vtaHqUE7a1WnA4wcxPFNTi-icy7oAF6R4Ckuv5N6WBHCfELave2scAEiZ244qwE4AQBiAXr7dfjS5IFBAgEGAGSBQQIBRgEoAY5sAYB2AYCgAeCo4KRAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB6EBqAetyhuoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKzAJPoHEGNvbS53b2x0LmFuZHJvaWSYCAGgCNSGqASwCAK4CAHSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgnIAWludGVudDovL2RldGFpbHM_aWQ9Y29tLndvbHQuYW5kcm9pZCZpbmxpbmU9dHJ1ZSZlbmlmZD1BQlQyVVVqMGVqNktTTmd4WWNuS0ZHRmhNdzA5NkU4RzJtQlRGU0wtdGc4RkpodkJCblZtYUpCYUVQLXJrcGtTdHllV2UyaTI3Yi14UGFHMHZmX1hKYlFGUHdNI0ludGVudDtzY2hlbWU9bWFya2V0O3BhY2thZ2U9Y29tLmFuZHJvaWQudmVuZGluZztlbmQ7gAoDkAsFyAsBmAzb_KTJtwTiDRMIo7LEo6XmgQMVg7reCh2NoAsb2BMMghQTGhF3d3cuYm9sYXRpbWVzLmNvbYgUB9AVAYAXAbIXHgocCAASFHB1Yi0xMTYyOTE0NzAyMjkzOTIwGOSdGw&sigh=yYbEWR0dKbQ&uach_m=[]&ase=2&nis=5&cid=CAQSTADICaaNPM8SDAn0ifPDcYFkj_GjYEr3tSZt_o1uYU_7Gq5iXa0s5z_JWjREwJCqY6BIS7s14BDGFi-lYVf97nLLbsYPcQiUczwMbVwYAQ&template_id=432&cbvp=2
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 4CAC 0
54 B 376ms
125ms Ping
image/gif 2607:f8b0:4023::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lnhcnb5w&c=6206120079248&slotId=3103060039624&qqid=CNXzxqOl5oEDFYO63godjaALGw&fb=web_video-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=styleframe_video
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 volume_off.png
www.gstatic.com/dfp/native/ Frame 4CAC 3 KB
3 KB 21ms
20ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/dfp/native/volume_off.png

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Thu, 05 Oct 2023 14:07:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 247750
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2684
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Oct 2024 14:07:37 GMT

GET
H2 200 pause.png
www.gstatic.com/dfp/native/ Frame 4CAC 763 B
876 B 21ms
21ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/dfp/native/pause.png

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Thu, 05 Oct 2023 21:18:45 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
age: 221882
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 763
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Oct 2024 21:18:45 GMT

GET
H2 200 replay.png
www.gstatic.com/dfp/native/ Frame 4CAC 2 KB
2 KB 23ms
23ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/dfp/native/replay.png

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0240de66a7b445f61b5a32e74c7d1dff431ac48b1b218ba454275b8f22046368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Thu, 05 Oct 2023 03:36:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
age: 285630
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2305
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Oct 2024 03:36:17 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4CAC 0
234 B 365ms
124ms Ping
image/gif 2607:f8b0:4023::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lnhcnb83&c=6206120079248&slotId=3103060039624&qqid=CNXzxqOl5oEDFYO63godjaALGw&fb=web_video-lima&ulv=1&met.4=arp_a_s.lnhcnb89&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 4CAC 28 KB
17 KB 147ms
65ms XHR
text/xml 64.233.184.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DeQfAZfK-BZjdc9b4PX1eLK5ene5bWr7t-rzWJkEmochYw_hfwXpRZNVBXqINSrJ82MpdSSQAtK6QKP04ahM9doH5VOg&dbm_d=AKAmf-DrJQBCHnv42_SNFBuYfrPEpZNcoFYWWZW7Og1ZRKJG9OD464DR-1lvOejbKPbwTJZk7gmoC_JmQS43dWxgKxLQ1vA4Ary_9ISxFVdCn-YQdr6ztgZ4Iw-Mrc56jNQC0Q8u1IgQSnk1s17SgKINJj8vsHkcv3NeDpdsNXyl9xirxiayirUbmjtV2rvz33icL2wTxz6w3x0uNtt4bLmXYCjYt9RWfnP2dkAc2IVQEsxm9DvOLKaNlDqYWRrBlVpHOW-LapnRG4YrSJ4YEko0ry13ZYf33_v9aIbHJ7BEqoImfLUW4uMhkaIdGgxv5Lj1qUlT94wwCKIgQOH2lsCTQchgZ31a01aaeqF2PA1PRzK7o-umM8Ujg1RqWTOB_Tk1W9Vr353Bq7VZQqNTm7m7AL0-lZzfW306MsiZ9S5JhKY5gkdz1cMDfFP_10QvkMrqb3lhmIinbaY9X1uaBGsq0hiO2e2LIHKbRDr8_1eHQ8G9BV-irk_Og9tPXGlzhrLMTugZiVCgiHk39EmKxLg-s2u5hMg3QGv7Toxxfy84r9Q8l4k2Q3JlXK-gdh1sMbL78Cvw9kg_bOLNyspeWo-uO0OXA0RQmNsVzb2sHbsUAGf_plaMoV4aLaw0cMfhKl_QJ4L71kDZ4P3jJBzRZtYxV1yOgE2Ux4FXaKKyGLgj_dZCps4kMYm-WnwhyzTMeLbWWVxWlXWp82HQcYr9fA8OC-JBRcjIP5BL-c78rfROEnHK4PR2ZqyXlO0FLvvj66CWQxnVYTdlA0aEC5Y98InyLv27idyO9qpJv6oq0vxXA-W_XYabW6W1hl8d4Y2jkDAqxHIIyWiZTKwv-bUQ475z1MnpP0zyvomA16KzktHQ7_-KXjMFOeyUq_Nw8GK0gAsLk1Inzh7J4KJwyQLx2lA8u2__cXhHrhfyXAryRlE4c-gFrrLksg0Oo06gcga9BEB2L4bcKkyrxcZEFQ_vpJb4aC9d-WDKRIwn-u1yKwHMYWJWmefOl3D7ivbD_g1MXw3R44yDjCFQ8gWfYn6Oq1g0yk1_Pqt6hP19n0oVNEYtPU5mjApxDoO2nHtMdjm5I4LtOyychOjA9hIRLqSqN_gy-SCeAqXpscY1aFCumAQW9KuwQhnmIgi5-9L6xWjfr-DXGaPsdiNxtgUSPa4bCwfJJzDeEPRKZMSH32dPT_7IGK-2ihBjTeSpU6FnKBYVI9fdByHH2maHF1dptxuxfH8MRdYA0FKr6UkrNruQcUE8fisHRePNQIWuO_YaCwBk6ymZ5gchBdfBXBzzC8LYiLeWRmsIq0HT564znVl-or0DlRx9M5VNKR6lH2Am0-X6SlOpMHnrWG5a4xkG55Q85XWR70Gw5FWtvyKoW3SYR0YSdQ5_Ti0S1a_zYwfc776M2dsrunMqo-fSJQ7cjk3HL7RdQGW9iFTH_5R7VZNOJGN9pnGfBTNeAtaa7cBUE-dh9ifZRFdD_TvrbxoeUN5_JDwwj8X9DZJZo2bS9Fz8zbEEO_wNOvaMu5SLqeg2Sz8EnkI4VNGYZq8JXQq5NvNkkQ4_KAD3UkOSiCkcLwYAlVx_aujjPxJbKUh_6Xp6LhRYpG-uXbwkq9cNgCmN1PqLBHS7Z87Wb8Koc5FIpS_i869CzO5x6ycVXLJciqOmLBTC4kY9lBPfC9ZvcaKVjGP9gxe9myptxJfJ3sCzeM9dWRx1m4Sg67rGI_VZvuPj0BQMukkL3PH8j0sJB0THoQwA3eArx-o4pyVaWwoZEByvbtqCwPjyneesTaUfAfxrQYQOP0ID9LPD5gpeDEw0_Q7TSrLYBl_eg21YOx2t-8yGchQ-W7wy8mzjG_aTSilEWv8CUi6ihzt3YjH5TP6tmaVnROxpdTsQpUs0P6lqjHZMi25IajFFTwcNeQ5-4GyizKjn4_ZCvIKmEjveWECq8U0idcIB2hDTFDgbQSoCZa9ktg_5Goo9V1Egonlcu7xY79zllfmiH9qVfCbKrTK2_xl64XhyvcO9aJBwH9-YnDTByWLZrJljvmvrQg_c-SVWdz_dn8B7gvmEeY43vqrv4P9E7cn8x2zxsVuenQQI5omimaOyNkm9ac-qkvoe2GQwJraTIO2-iwVzsOz5Q3OR-O9XlWfgkfvNTyMIZC9-e0cCjGH7GYW82yu3O1UxLuS8WkBP05nLLE1J1JtkpxwVPJpgq5eldMcy-PIj5zug3bJl4IqolXz13dr1aw3oDetP-WsM124HkggXEvEsC70rpZM51G4v6mki3KvVRuejzGTcRlbxDvzDTjM2_VhGk518c-P4NBNJ9jiu5JaBQrRxSbN_edr0zCrRLNTijc6jxP3STXc0LuDsWRmC86sV4b0W1mImI2kzyqv0kPTRXQfnHiF_P8IJr-D4zrinQcylv5tPG_IsO4XzehTNdJj6Z9EV9CDaLvPNuWvRVdGrSt9DWksDAdkYo5w_N0w5CAywI66kuJQcbtyK30Lrwj7XxCibQ3KGPmL4l7wp5Wi7w7Tj_QYgcRkQqPuvIe4rg0jlmyLpdLxQd_oFOqQ-K0Zp7_HmfGe1_Fm_7laac6RopJFil2QwQZATCeOaZWuMLLWdf9wmjUEeEfHMSKjMQqSGvTemFwQTZQaR40zflzpsIkFrE0tyO1octm9p-SZvd37_oH8kKHDC85ZAAxuLMBOcAIJgJgWnzDyiyKoB7zzeOhVVWT2ny_eEToGvnw4TGCwzrlRM6VntYsiE4Ku_i8YSwPdxZGYiK1-ed9NswczFsXzneiyHK_c2LoUzEoqqIVhhGR2yAvxqIAVZ4ZvaTkyr8QZhtbKhE1k08G-PpeBZpSjkIPdyKx0P37FtWwif92uz3jASO9VE-jgUdyBGptQ1EzOrUgAbvJcdcgJ96I7Jn2loeKTv2LBHXlyXCpd7QkJW2Ny_4tWhYAb9lcFMbbh3F7oTSeG86mXDGwpUC-_OyCccp-7tffFJoYlCaBCBgVq-L9qxNl6d9Qu89dSaVkDVS0kbY9xz3aYhQs77UvfPcW4fbIFeaRuOPzmHyfd_Pn1jKVW7oiNZ0DTq5JV0wKo480FGc_NUwVFwcFmNDZRz_EWn3VF59FLaWB2IUXpwMK6opbNnm3-59GQ7VW_KA4loWeAHgHvVNN4ySw_Ef2ysxzOUd3z-C2iw8yGpNHdiedXOmV1nXFOBuzSXpTWvwC149A4jc9XpH6rNFV0pgI9ak98wdwWelpUPRj9Orlya82ei_t7rImq9B-7GFrNnSKAjA_mPTPAc7wabjs5vZirwd43BGXbsl3ZFDxHXPVnytfzAeHIwfEshNKc783oyTZMr37Z3qxP_Ub7N3a7Snuj0V3dGWT0R92aGsSou-L8Jyko06gaVo8lu81tTlBrsWOKMfeSzxJIMxxOQIqrM7H-NkvXXZleUesJYHzE2C_Hf-mP9jdDhM_E5GrkR3Qe5VnUgNBFduNhNpi8dQ7L_HIpL_St-Tl_XFzDy6GhOV7pwM-8T1Kji8pjCr6cchguCvrUfU7hoWZA6iYYdJbm3p4mbCsEMcBNUb95moQQkwF_U_8pOhMGA09wWL0OC7EF1-IY491drbK2WQ4JhmIjRdpxeAzvRrB7_OFI9I57XnqcU6lt8d0BzdCV_RVECHKpHfZHyTWb0l59NbcMUCk-K3UfCK85_KiFDtPCIm0dt0Srk-B-M-QkEAiUeWua-UBNEEqpkVbdCiwELZ2HAksh5GYyD33emYeWp1JqOM3Lzh94zRPcY5lPtfnFVQGc6O-f2Kxy3PjUrsAHCz2fx3h0vYS7I2ET506xnNtc4sOb9M7PCtlNvvBJ8rSpQ3y3r0SdL6qASLMGg_qaHbju993oj977DuNK6fxXi0f1DI_NWL6yzalgcYsQS0p5soK55hLLxDOijakqT3mzYvNDZV_Bl0668WJAwQC_0v9yDDU8lQ84L8WmA0-M4NobHcjDAlpb9OODMU99lWMoV9_55FKyiQAYYNkq7SSgMtIPNU81AYhx47Bd42BX-97Bbd7ME1HiCnpJKT__cuG4zx1FRXUU1y8x6DzKAc9BhtqPjK-xSY3jcS_pddpVwiw8YXbvPZ4YftqqBgkrh6rzueJmoTUSkWxoKn6E42x9M0Pf2bbY_DVxERH3yQAC1saavQOzo5ma7VmvN5Qi56P6jJl9rZglgJyyatxcim2fvQXIDcVdZi5YAv14oRB4Htj0Q6IRqOtL6pp3uTT3wrtVlfvy6ij9CfQUVk3lsC-MSy31-RF3ynADlB-H27IdARYZNx23C-r2m10vLYjvi3t2Zrtzpim3mDuHH0ryc9qgfSBlDUVkOWVQyvl8Tp7rGnMHKOtNrjpUbuGfSEC668DYjcKC_DzML19Vxlw_8gg85wf27L7Wm_4GWog&cid=CAQSTADICaaNPM8SDAn0ifPDcYFkj_GjYEr3tSZt_o1uYU_7Gq5iXa0s5z_JWjREwJCqY6BIS7s14BDGFi-lYVf97nLLbsYPcQiUczwMbVwYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f156.1e100.net

Software

cafe /

Resource Hash

f88b9cc78e1698bac982d615bfc953a2bcfb1f30b9372763a8ca6a5f81095910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16431
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4CAC
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CRzzL7ooiZdXELoP1-gaNwa7YAay1tblzrdOYrucR-uC_oNQBEAEglKSmMmCVip6CsAegAfq33eMoyAEGqQLOG7AQ3cKxPqgDAaoEoAJP0Kvl0s05DS4f16B4WGVeTQcnf1ixfFtxg6zA...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213450539955119028263%22,%22debug_reporting%22:true,%22destination%22:%22https://rebuy.de%22,%22event_report_window%22:%222...

0
0

97ms
54ms

Fetch
text/css

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213450539955119028263%22,%22debug_reporting%22:true,%22destination%22:%22https://rebuy.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210946567162%22],%224%22:[%2210-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218320841633921484209%22}&andc=true

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:48 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13450539955119028263","debug_reporting":true,"destination":"https://rebuy.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10946567162"],"4":["10-08"],"6":["true"]},"priority":"500","source_event_id":"18320841633921484209"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 08 Oct 2023 10:56:48 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 08 Oct 2023 10:56:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13450539955119028263","debug_reporting":true,"destination":"https://rebuy.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10946567162"],"4":["10-08"],"6":["true"]},"priority":"500","source_event_id":"18320841633921484209"}&andc=true
access-control-allow-origin: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 54ms
54ms Preflight
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CRzzL7ooiZdXELoP1-gaNwa7YAay1tblzrdOYrucR-uC_oNQBEAEglKSmMmCVip6CsAegAfq33eMoyAEGqQLOG7AQ3cKxPqgDAaoEoAJP0Kvl0s05DS4f16B4WGVeTQcnf1ixfFtxg6zA27SEQ_Q1S9OsqXnnROI-UBBnufZrosibeMRJaALk_p3Ag4kplcjmH4BjsYKFTRYaVznydqtC8weNJWdnN_PYmGNYi_m3ZbWyPqNozbGbUoYlRWp8O6YJvybQL5eMmg_e50cnTrdbaJFb6SaCcYh-yf9FqGSWT2uUvyav9Qpgrw93cdF9XdEi187KfeJw7tj_4ador6r_gMJTyW3upLWEvAUflCTVb-HZpyMIdeYaqW8TmXXxqEHjhY4ZVnm_mMXa67CYYpVrfUeu2_N5M_bUImQereDn3WZPuy7v2bSefB-gvVAmZ-f8UdO3oHQWokxBht7LXfDCz4O-RJ5U5jJ8W72w0CbABMvKqc_ABOAEA4gF_6fb20ySBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjfYBgKAB_rvrcMDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQsPsCGJzg7PgBoAjUhqgEsAgC0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJzgFodHRwczovL3d3dy5yZWJ1eS5kZS9rYXVmZW4vYnVlY2hlci1iZWxsZXRyaXN0aWstY29taWMtdW5kLWh1bW9yP3V0bV9zb3VyY2U9UFJPRyZ1dG1fY2FtcGFpZ249W1BST0ddX0RWMzYwX0RFX0JMX01FQk9fTUlEX1E0LTIzLU1pZGZ1bm5lbC1Tb2NpYWwtUHJvb2ZfUHJvc3BlY3RpbmdfTmF0aXZlLVZpZGVvX01FLUJvb2tzLUNvbWljLUh1bW9yXzE5MjB4MTA4MIAKA8gLAeINEwiZssSjpeaBAxWDut4KHY2gCxuwE8_S_RTIE9X00uMD0BMA2BMNghQTGhF3d3cuYm9sYXRpbWVzLmNvbdgUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi0xMTYyOTE0NzAyMjkzOTIwGOSdGw&sigh=rIdnLYZ_h8c&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNPM8SDAn0ifPDcYFkj_GjYEr3tSZt_o1uYU_7Gq5iXa0s5z_JWjREwJCqY6BIS7s14BDGFi-lYVf97nLLbsYPcQiUczwMbVwYAQ&template_id=509&vt=10&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 08 Oct 2023 10:56:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame E826 111 KB
39 KB 63ms
20ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
Origin: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sat, 07 Oct 2023 20:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53672
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Oct 2023 20:02:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame E826 11 KB
4 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COjCbIB4zhvcpKDCOAKhTnz3aDTeMz4xr0OMo2WwesQfprsn52w8GgL0-c08JUUHFuOOBIT3ZlIN446Y6gseJaRq1k-Q&cry=1&dbm_d=AKAmf-B6i3-uYDQhKta6VXqDdd7ixwdvDILb9U9_OC7y2NJNaz7I2tvtEDi471a4A6tpuctGPCxS2-FtX-7LT4fI43zW1lsaHy29dqm_Bjtw3wIXdSn2Rkowa6ThkvquqfN7KYDVNaDmlGk8gtBJDQUnBO2Qz5EN8kZ0Q1JxIgxuCHet5DH9LTqmmXHp3N-gn9PvubKjrQoiHmTna2qTpOR-DNao60vTc9Wi_dcoWLmLcpx8AA1pzYP_6h3ZaSEG4ERIKvQLfV-1HEYrwCrq_HMZuLjrt6rcpKVxKxUio7aG8edsq_He30TdJfCnd6o81QnXugjX96RC7WbDwmE1RsDEdf4XeiH5XQPzUHzwQRLrx_OrSolZelHZzy7NMSTsAH-XKvO5T_a7h_wQ8wWkt89ka22GNmHSQU5VHMg4xgBYzoFRBIag3OCxqP9FEvgKiXyxWkW3yYV48HJXypKdaskLjEQsu8uuzyqJo9TV2nMvrtIittluR-j7oyDIkEz1sPWYbUAatavO4fpMrcpg_LBn0eW3OBot2P6yE3J4m1kCpHH9hRDzyJsGSfa3XSpKgCtEylUffiLs0QLLFBLeeHGFcX3NK9TqlGWRxL9iBh7c_vNZyNpc1dULfSeJQNOQbR2CrY43OSL4_yS-fRFmRzndUIqymeMg-kTdN3fAnY4XWdjtFuKpRYIS4hEJNoTbtl-_3YtKaPkJao_v7QJf5nKU71dIzXOD7Psvi1fY2O7SIMpP6tZ_VCI9jD7Ux3Bt94SxtQ8SKxJB6_sREsMByzPMVU1BOttg-a2A9hdi81GWiey-AXQiOBmKBu17gRWaEtkd1uxlNvC7Q2ewMaudnqznIuS_tJj2ZNK23-FIMQDBK4XDhHtZ__NOqAgt8urUKPxvh4Nb12iw0OhvLBvMwDXcIIB9KDwKIOMoBgBk917101z9ebRpeZ2F8NouxjtGr6ijR_u5auyZ40coHoSezZlOjHiUhekrU3Rv6S7FuFu5vKjy9sTK8mEpV0GDQtkmmc5c7GgQ4LPK6Z1dWbvA15qvlc8-OQo70sU96fghUXaGDUjjPGjlAducAffvV-RhStvSQ3WlgiKOkfuoKJwpmVfw8Eq0SQ1bgxZrS1JQUoM-N1UKaX8TNXVVrI8JjGtasWmbwuYgB3ngfjJHGxsDShySvTU-rW3AZmBX570iwD_uFdwxmeOZwqSuKMe5fq0BRDxrqsDpKd7_KAQA5mYGkfRyY-WQvKYHl0VN8NNG3-2-zAe5nOUDU_Q3ytBOjWFCiEW9IxM_ye1mCiVrP67ALSlsBnAb_eDwEDQrFb81EtN_noqCUstt9cWHM3gttn_TvD1LYlOhtpSjLFlbwLrxwRnkIsj-gVJzKtLKh-a-DIHtsRs9f3pBZJ4cz1INQ4NfQu1kbXrcZMHQgffGX1A_5-LF4OxHs8m3n6sKTX5UTRitBPQVqQKfW2eKyxnY5xalcjz9dFbWteX_QMM9ljoPAzHhSRZNIS0ckVSDJ3HqViBdskuaN-tA1tf70x00a1HnIzih1cfIoW4pAcyO_uef6JCSvkQWFaz3GlIkPMrD49yhn_dPx5vWdIRGhfHoqmGwk1dlBuLrrQUSx6YF7N9PJBiR2OkqVp5m_-vv_Dz81pUyDC0lyy0DEO7bL_0VtgsLlb39XwiiJp-rFxXALiQrBhcvkYdzpuzMn88aj7h3SN-SUgWQqRofVJtDUNAQrJNNvXq8KV0PmQbRdiMinSCx8tWvbwsBHerYOPLRg0vHecQfMIHKoVuW_fVkNLa9QWwykA1j6WN2nr7Fepggypzy61ecDGs-VON1_bym_IPkUWW_N4lOFxp8TL9r0tvcH0Xwb2IAbWedSXcKqDwID_cUSWm5ZbtT5iq1SbbWuVaSXy1bZgWQ5H5RgLPjPbbnGj4MLSgwrruEFiwiEQvOso1Is-kV9W4aHfRTv59Q3two4l3qvu2jZmtUae_0e8b3QO7cFORAWASoFxvx8QOMFcn0MFYtt-Ao1U5m5dpVaDk6mbjCO-3EBRUsM3pCLyPORdyExmCsTGwWJXif_BWbuLntaPBR52P0xtX_lWlz8duOHZ6RypxZH9QDJ15U_loPK1GbBkVSTo-4V_96uoMBvEHJx_xW7KdhDd-H09Z6LNmen6lcVp71Cr67VLvM06Gj12YcuoZnipkuz0EcB19zuj71wwGyv6ac2IjH9is8rfccv8GWyad3xLZCD2Q4hN6h9huucL2B5FZSzD-pb8t6NFrDwjuovzXAY6ivcWDaYWMgrPqpiQJr0ZcKIIoFw_r2Nm8obnE99CnJO6IiTTxXhOqduDhQxK_vW_Dr0n0ZqofbLFaa22KSEPJs148YkmaIUNZB6F9Pax9fK3xWcd-szzry2QZ0qYAmY29JnXyna6mdzKgnXAsAFHpNAlD1x2I5GcwRpiRvqLSm-0S5irkZcRUtrP1haglARrOwEg4YJLbXQ8b1NvJGxdCE7YHe1l2Ia72dRYMkk__C_PeNsKV0heFLF0meNSiSkqUkQDPIXX99rZJdc1BEMXv2kq2wXCIVzo-3PdqE8baz9XLoakSV7Mcrih0VN7IPeFXXSKMJx4D-wxlmhAsPW7i5OaVeANZyiQ7PErKo1ZJ3F0t00DX5RuswbiDDS94UlcYowMbn7xxRV-8RKCuVp5ZtBVCpk6Mzf0cKHiWDvx7o2iKKDhPsQGLrWX_hLAgyYwhJrYUe39iLkYAYdf4oItqiaUZP2Rnrz1looQsLnES-K5nojYDXVvSJSn0cMYV_mXVYqMTqZnmJauCRN-xvvBEMAqop8U6Ey3jSPkEHx73keo74mOSeajXON1FnczuO1F_SIDvWwwn0tKUkruBJ84INCsg0DtfN3v6GWuAvzxKU7tJE0yMl26OPhyBRPJsIiy8nPiTn3uLgra3i78Ii2fps00PUWMPBNi3J2Hd0D1QzvOwjc7vf96gluF_KUoA7fZ33MeIAu_3gfkhpI25PYtPaTHP68IbVWPsCQa1Jb44JFMVc1qnlVCLLHIgjyQEUPujoDTtcEcj77YXHFXwuTRlJBRNyl860RSRSCYsxegg2mcJ48wnVhdmBMcAUH_Xz3A47yd0U3PaIjDorEmwBheBji_2sgptgN2M5y1ivlIg2x0ECVF93NRc80QWoAYnKLSWJl03leqXuI7rAnXpspv_UzrYlzcy51SokF2DdQ3sIBk6z3q2hMoWfjl338HAG0HEnq5IBhXM4kYbWGGFUjAXtGX145fNwWzdr6EmOTfJrRzIBFp2hGtD5V9_Tne5jODD8-KlEf5CfM92zcl5o-GW7EMSrTkZ-YXVOWWH4rdw_oBWUSFXLs5p1xTKVZ1vMmBZg3uLQoaJBY6zSER20K0Mio0vp_EjnDxqx0T7j3h4xdKVS_eKtrR35D3OS2mQflIUyonO2dFClGjSycHIFzgIWOy2grKvyumj3OAbWdVsAQC-HIORz9NQ7EMnB-tQYLpd5ZQRf6vrmpUvEF6l279GtDI1igfKDUj_XZrN_ZNuUyt25tLFG0IzuR8ar2W50VI1F6igagRGuI7nU3MC2NBzCCvLdvHLSAtZpQ6_Xz1iEZ97jmS10mWogEovUfcoay6BTDDrcc-Bj4wMo3Xs7Zbe_YXtQQADEN4ouuE6cr-q67TnYo0Z5q2PZHiLq-UAibzp2RPePjcJUFCrxoPJeN6dBTEysctmPHGPLZw3DqnNXS3iDsG0wBvGIbVTJFaZ72AM5c_g2xKCs6g7xPzunZi2EWocob9JKkZpamciIywKcsJeNT07PyCGpqQQTMg20TMjOu9YeMIhI9GihOGSEBXwiuLD3MnAQo1MdCA-y9zeKf_2kMGeterADHLg3jZwz8gWPQ4NWBgAVrRmku20fYqB8466bU8tseHGsEze-uFXnrU4k&cid=CAQSTADICaaNPM8SDAn0ifPDcYFkj_GjYEr3tSZt_o1uYU_7Gq5iXa0s5z_JWjREwJCqY6BIS7s14BDGFi-lYVf97nLLbsYPcQiUczwMbVwYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bolatimes.com%2F&ds=l&xdt=1&iif=1&cor=17876430472103873000&adk=356101037&idt=169&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sat, 07 Oct 2023 13:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76682
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:38:45 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame E826 30 KB
11 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sat, 07 Oct 2023 13:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76682
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:38:45 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E826 41 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 04 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 300310
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Oct 2024 23:31:37 GMT

GET
DATA 200
OK truncated
/ Frame E826 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f912229a91ef5a43ee72f2aa9d2e1969feea6cfdb6318fa34fa814171b7a1d24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 78C2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
35ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
URL: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 10:56:47 GMT
expires: Sun, 08 Oct 2023 10:56:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 10:56:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7C5C 38 KB
13 KB 19ms
19ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 295816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:46:31 GMT
expires: Fri, 04 Oct 2024 00:46:31 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/1925797485347601559/ Frame FAB1 34 KB
10 KB 21ms
21ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe10d22627b04079f10250845bccdd07f7ac5e86f4a1cb8005344a620d1d378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 255980
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 10308
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 11:50:27 GMT
expires: Fri, 04 Oct 2024 11:50:27 GMT
last-modified: Thu, 24 Aug 2023 11:44:31 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E826 0
0 131ms
67ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuygt1KLbJTHjLi2Q883qMtARZJMbuzUi3va9dFiBDwEo2-LkZd8FXQdxckBqU1S_8aYhhCpFAYGIelt2T9LRXJNDDnulWSwov3bzKtpUimcGXQ7LGljZUuwq0UvuGw3pJg1DRV1MtT7-8aOxpRuH9MlrmUI5HOUs2bgEjpxahB0SY8eiDN4ExbXTNhUQiQhhJ6S88sHzFg-5P3PhN5L2XfHp6WebzeJUtAs8DyxmLfthVDjmZjGgz1vHqwOVgioryE_SpuSBf_5VOdZ5jOZ3uskY_7JRHMQz1jcwUt2hi_te_dxm4NY-CEd2X2-kaFAA-h4ArDi2IQuGVkfJiwcGHc8Bj8QC_QaBieJx5IEsfXfT2fAqGbUTP2P0L8R04kWImcPbVUnbqaW7BqVYtjBy1Jpx3dI3EfM9C0yqxOUPTTfMGEs-an5UF5Vm4YFxiCtTob8phuk7lb-STkyhApgX-GFF02mUm9NaQ2mYff2EGWgpSlju_qzxGuljtvemaby7GxkRSfU1nMfp6I-ZP1TydrWxNml1KTQA72nA-SQcfV9-6B6bf1XnfWjuJ3GY0eVaivRKQ4mBhEStCCZAh74pVKFrcw9r9uOynt-_p22FLEl4KHv0-k3gL8Dw_j1pFY7nNLSfkLgFMghXWWA4_cWBQFpNqxONkWFCV_OMcmsNTVO_UujhCQ03nBbbXPf7L2qvHGaXNodx7P5_XwMcchQWL_RV2lrE8xjO8NCWYkpsi5K_AsykD5xF_V5zSnciJkoD-YcB7uRm3PTjhkg3amfwytQGnnoS7P4kLrvLjWhTdPKhilXgFktXBrdFMy2KVAR17wlw0iApz-rdPAz-ubLhO6k13Zoj3A91z3DTtfISPB6Oh-yF2L63oGlEqKRlBFS0N85iH2DhxK1oYCtTXC4HL6lMGixTZt5vaQUUMoKzFjKGtgwDv9cmvvCyQlu7wTo-YlbO1f6JBRIPLPaj7h7ptj4Go-oL18a8Yi8KNTFshu2fKo9e5gRqnC2mSqwDA8fZgfYO2bWK_mXZAoRjvIFQPspTpBagQjYrQLAlAWCBEEG2MN3yuQ5QlAADJDCsGwCwN-2aDBZ5t31rINMruAzk63rF5YT_cDFCWLL914Rxh-dSnXCg7FQwQoAKGwyKhE1sQWNEs0xmllCjEyQjuHiHWGidYv0mUd9EA8379PGKGMmp4Lo4FnbwB3vv0JVaJrEB6MpZfPFqYdnqn8Ng5cWTFyP96EFCEyQ1SH_cG-gwQMl8WWisayCYrMBD_1kypB0PB_rWTi_hAc0nmUphJF6DMV2PMLwFJTl0fDWPohArCVr-BO_7ySF9kaiRuamuuKuq0x2v0dMYqZYQY167NB4anlYAW9tKg1LSwRVIr0wCudeWMqqiq4LUGANzTdOTBQkPbDFcAadzsLfUhNDM_OnZu24yyFfVTY1MysrXfMej09N8pBgk2cag&sai=AMfl-YRIU4DFq8zip0OzaVXXrIHSk1--U7ccrdDQZufD4oACyv344XXMK1b2rfIraOwq333pCRk1BZaSVw2xUJXUl1lt5-Ru1z2mWp0RsniM5ao1wDtfjONeNZb1bLLnUHPWki-wfVwyTbPFgAZf9FWkypQXU06CWslNlFCVODYrI_DqZEaQah-jKj42ZF57n057orGeIS08dMKD9rV2EcnH1NGhVmCVyjMbRQ2DMubevZPed74Y7apIagSpRbFpUyuRa-_-N5ZnCym-79AwUCk4h4tnQ8uOk9uXWc3J&sig=Cg0ArKJSzEMq68BmC-MfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=86&cbvp=1&cstd=84&cisv=r20231004.04868&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 08 Oct 2023 10:56:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C5C 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Thu, 05 Oct 2023 05:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 277419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14584
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 05:53:08 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 112ms
55ms Preflight
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 08 Oct 2023 10:56:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 splitText.js Show response
s0.2mdn.net/sadbundle/1925797485347601559/ Frame FAB1 8 KB
3 KB 22ms
21ms Script
application/x-javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1925797485347601559/splitText.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75c6b260fee00db1fe67db954b335fcb5f19f4d339f33ba1228b90a54ea88042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Tue, 03 Oct 2023 05:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3435
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Oct 2024 05:00:10 GMT

GET
H2 200 Smart_Regular.woff
s0.2mdn.net/sadbundle/1925797485347601559/ Frame FAB1 20 KB
20 KB 23ms
21ms Font
font/woff 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1925797485347601559/Smart_Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ed654d864a83081f65642d7c153595a722b58a0ab5776dba72f2c767b41930f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Thu, 05 Oct 2023 11:50:27 GMT
x-content-type-options: nosniff
age: 255980
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20052
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 11:50:27 GMT

GET
H2 200 Smart_Regular.woff2
s0.2mdn.net/sadbundle/1925797485347601559/ Frame FAB1 15 KB
15 KB 30ms
29ms Font
font/woff2 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1925797485347601559/Smart_Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b86e678f724241714425a98d49c80fcdee4cf52b93c913b56ae403d2e423d3e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Thu, 05 Oct 2023 11:50:28 GMT
x-content-type-options: nosniff
age: 255979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14848
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 11:50:28 GMT

GET
H2 200 smartNext-Bold.woff
s0.2mdn.net/sadbundle/1925797485347601559/ Frame FAB1 19 KB
19 KB 36ms
34ms Font
font/woff 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1925797485347601559/smartNext-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a4198aac2107c45dc0d5c25bb2e1ad3420efc9fcc02cd7c2fe7cfee0d2b880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Thu, 05 Oct 2023 11:50:27 GMT
x-content-type-options: nosniff
age: 255980
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19600
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 11:50:27 GMT

GET
H2 200 smartNext-Bold.woff2
s0.2mdn.net/sadbundle/1925797485347601559/ Frame FAB1 15 KB
15 KB 32ms
31ms Font
font/woff2 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1925797485347601559/smartNext-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95cd0c0f4ec29744afef0d2b001f3affe95419106afff4f93339574c9067db51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Thu, 05 Oct 2023 11:50:28 GMT
x-content-type-options: nosniff
age: 255979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14912
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 11:50:28 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ Frame FAB1 64 KB
23 KB 66ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6867663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23292
last-modified: Thu, 22 Jun 2023 11:03:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a86-5afc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3J6Hnh17RhRISKzMWwtIFb3%2F0G7jsbgChUJg887gap2OYjUm9OkASFz2V5D951H2cwInMb9xovghw9ADVPEGR33r20BZ8XFY1jO6peIt8pt7p4ej%2FV8tD0IDZwAxtAlmIU5tnRivm7zZS2v%2BKurIv1r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 812ddbfbbd23bbe6-FRA
expires: Fri, 27 Sep 2024 10:56:47 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ Frame FAB1 2 KB
2 KB 65ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/EasePack.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

535520dc8857dfcf9610d361f99e9d419786585dda328a3f6635eba5982803d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7494755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1193
last-modified: Fri, 22 Apr 2022 16:32:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6262d89e-4a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2YtejxvBP6vv4oA54p5vHHNt53OGuil0hP5CDtfiMS4NGvsJcAFRF7Xuv4UaVUHidHnXIcXZ26bRatPjRjYlZNS48%2FZl%2FhGz7i5U75%2Fehn08j%2BFy7uU6TgkpLcYN4nJ3XAhsWUAXXkgPhzOLnsZo%2B6A"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 812ddbfbbd26bbe6-FRA
expires: Fri, 27 Sep 2024 10:56:47 GMT

GET
H2 200 EaselPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ Frame FAB1 5 KB
2 KB 66ms
26ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/EaselPlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eadf86ab162e1d578164338aea12323e59534a9d43fbd526d609a667965003d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2614682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1914
last-modified: Thu, 22 Jun 2023 11:03:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a86-77a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqI65wkGLfhe4n1zM8pK%2FpXRqBVSo4%2FoNPWj81BHPfb3Cwn3nYaIF%2Bi67RRb0vNEdZF5WR7ImwaYnEHUV0cJQAqSil0TSbrJQt6jElTgmzzC5jR220VHhv4zcpgyurZnYWz%2BDJ1W4QX51OQSKHcopIFO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 812ddbfbbd25bbe6-FRA
expires: Fri, 27 Sep 2024 10:56:47 GMT

GET
H2 200 HYPE-724.thin.min.js Show response
s0.2mdn.net/sadbundle/1925797485347601559/ Frame FAB1 55 KB
24 KB 44ms
43ms Script
application/x-javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1925797485347601559/HYPE-724.thin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa4ae93330f3a0b8e253e34bc6d66018d996fb5d56ef0802e6def0d91fd035c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Thu, 05 Oct 2023 11:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24394
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 11:50:28 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4CAC 0
54 B 204ms
125ms Ping
image/gif 2607:f8b0:4023::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lnhcnb8d&c=6206120079248&slotId=3103060039624&qqid=CNXzxqOl5oEDFYO63godjaALGw&fb=web_video-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

file.mp4
r3---sn-4g5e6nzz.c.2mdn.net/videoplayback/id/0d192bd6a1cfd060/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3840275118/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4CAC
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/0d192bd6a1cfd060/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3840275118/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r3---sn-4g5e6nzz.c.2mdn.net/videoplayback/id/0d192bd6a1cfd060/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3840275118/sparams/acao,ctier,expire,id,ip,ipbits,ita...

1 MB
1 MB

110ms
20ms

Media
video/mp4

2a00:1450:4001:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzz.c.2mdn.net/videoplayback/id/0d192bd6a1cfd060/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3840275118/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7C548938C9A4979622BCE2EAFFAE2C2181143BFE.0400D7B3299B64CADAD720D98CB3238DCAF4CEF6/key/cms1/cms_redirect/yes/mh/7f/mip/2001:1b60:2:240:3247::5/mm/42/mn/sn-4g5e6nzz/ms/onc/mt/1696761413/mv/u/mvi/3/pl/29/file/file.mp4

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:1::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

200806660678f77a609672e6511b753daa50a148b89fba26584272ef0f044cd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Date: Sun, 08 Oct 2023 10:56:48 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Sep 2023 15:04:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1279576/1279577
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1279577
Expires: Sun, 08 Oct 2023 10:56:48 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:48 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-4g5e6nzz.c.2mdn.net/videoplayback/id/0d192bd6a1cfd060/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3840275118/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7C548938C9A4979622BCE2EAFFAE2C2181143BFE.0400D7B3299B64CADAD720D98CB3238DCAF4CEF6/key/cms1/cms_redirect/yes/mh/7f/mip/2001:1b60:2:240:3247::5/mm/42/mn/sn-4g5e6nzz/ms/onc/mt/1696761413/mv/u/mvi/3/pl/29/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 653
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK d195afc9-1e22-463b-ab17-245996da8c12
https://www.bolatimes.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bolatimes.com/d195afc9-1e22-463b-ab17-245996da8c12
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK ee7b4beb-e0bd-48a0-8136-58c4168fd060
https://www.bolatimes.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bolatimes.com/ee7b4beb-e0bd-48a0-8136-58c4168fd060
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 Slide-3-mobile.jpg
s0.2mdn.net/sadbundle/1925797485347601559/ Frame FAB1 79 KB
79 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1925797485347601559/Slide-3-mobile.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caaac5ceac0b6ddb9faf4d2adef2368a5fa9e3ed07f7d2455d4af0cf5bc82db2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Thu, 05 Oct 2023 11:50:28 GMT
x-content-type-options: nosniff
age: 255979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80632
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 11:50:28 GMT

GET
H3 200 info_icon_green2.svg
s0.2mdn.net/sadbundle/1925797485347601559/ Frame FAB1 955 B
447 B 34ms
34ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1925797485347601559/info_icon_green2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a0fc06cad863bf4d0bc2fea3b3e88aade6454d848b1f089c717f93f25347640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Thu, 05 Oct 2023 06:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275718
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 418
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 06:21:29 GMT

GET
H3 200 arrow_black-1.svg
s0.2mdn.net/sadbundle/1925797485347601559/ Frame FAB1 952 B
436 B 34ms
33ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1925797485347601559/arrow_black-1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6c3c5ac5900e2fdeeea6e3c9514871617b72608b224e33f329b0b4d8e91a85f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Thu, 05 Oct 2023 10:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259762
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 407
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 10:47:25 GMT

GET
H3 200 Slide_3_320x100.png
s0.2mdn.net/sadbundle/1925797485347601559/ Frame FAB1 33 KB
33 KB 25ms
24ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1925797485347601559/Slide_3_320x100.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f1a9162f8b23fbefabc5cf46391cbe497e60b62ca7aac69161f66d5f4f8ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Thu, 05 Oct 2023 11:50:28 GMT
x-content-type-options: nosniff
age: 255979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33721
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 11:50:28 GMT

GET
H2 200 /
c.mgid.com/pv/ 43 B
138 B 41ms
40ms Image
image/gif 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2Fwww.bolatimes.com%2F&cbuster=1696762608021988847883&pvid=18b0eeeb99484808ba8&implVersion=11&cxurl=https%3A%2F%2Fwww.bolatimes.com%2F&site=565612&i=1&scum=%3F0&scuw=%3F0

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 812ddbfc295e918c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E826 0
0 59ms
59ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuygt1KLbJTHjLi2Q883qMtARZJMbuzUi3va9dFiBDwEo2-LkZd8FXQdxckBqU1S_8aYhhCpFAYGIelt2T9LRXJNDDnulWSwov3bzKtpUimcGXQ7LGljZUuwq0UvuGw3pJg1DRV1MtT7-8aOxpRuH9MlrmUI5HOUs2bgEjpxahB0SY8eiDN4ExbXTNhUQiQhhJ6S88sHzFg-5P3PhN5L2XfHp6WebzeJUtAs8DyxmLfthVDjmZjGgz1vHqwOVgioryE_SpuSBf_5VOdZ5jOZ3uskY_7JRHMQz1jcwUt2hi_te_dxm4NY-CEd2X2-kaFAA-h4ArDi2IQuGVkfJiwcGHc8Bj8QC_QaBieJx5IEsfXfT2fAqGbUTP2P0L8R04kWImcPbVUnbqaW7BqVYtjBy1Jpx3dI3EfM9C0yqxOUPTTfMGEs-an5UF5Vm4YFxiCtTob8phuk7lb-STkyhApgX-GFF02mUm9NaQ2mYff2EGWgpSlju_qzxGuljtvemaby7GxkRSfU1nMfp6I-ZP1TydrWxNml1KTQA72nA-SQcfV9-6B6bf1XnfWjuJ3GY0eVaivRKQ4mBhEStCCZAh74pVKFrcw9r9uOynt-_p22FLEl4KHv0-k3gL8Dw_j1pFY7nNLSfkLgFMghXWWA4_cWBQFpNqxONkWFCV_OMcmsNTVO_UujhCQ03nBbbXPf7L2qvHGaXNodx7P5_XwMcchQWL_RV2lrE8xjO8NCWYkpsi5K_AsykD5xF_V5zSnciJkoD-YcB7uRm3PTjhkg3amfwytQGnnoS7P4kLrvLjWhTdPKhilXgFktXBrdFMy2KVAR17wlw0iApz-rdPAz-ubLhO6k13Zoj3A91z3DTtfISPB6Oh-yF2L63oGlEqKRlBFS0N85iH2DhxK1oYCtTXC4HL6lMGixTZt5vaQUUMoKzFjKGtgwDv9cmvvCyQlu7wTo-YlbO1f6JBRIPLPaj7h7ptj4Go-oL18a8Yi8KNTFshu2fKo9e5gRqnC2mSqwDA8fZgfYO2bWK_mXZAoRjvIFQPspTpBagQjYrQLAlAWCBEEG2MN3yuQ5QlAADJDCsGwCwN-2aDBZ5t31rINMruAzk63rF5YT_cDFCWLL914Rxh-dSnXCg7FQwQoAKGwyKhE1sQWNEs0xmllCjEyQjuHiHWGidYv0mUd9EA8379PGKGMmp4Lo4FnbwB3vv0JVaJrEB6MpZfPFqYdnqn8Ng5cWTFyP96EFCEyQ1SH_cG-gwQMl8WWisayCYrMBD_1kypB0PB_rWTi_hAc0nmUphJF6DMV2PMLwFJTl0fDWPohArCVr-BO_7ySF9kaiRuamuuKuq0x2v0dMYqZYQY167NB4anlYAW9tKg1LSwRVIr0wCudeWMqqiq4LUGANzTdOTBQkPbDFcAadzsLfUhNDM_OnZu24yyFfVTY1MysrXfMej09N8pBgk2cag&sai=AMfl-YRIU4DFq8zip0OzaVXXrIHSk1--U7ccrdDQZufD4oACyv344XXMK1b2rfIraOwq333pCRk1BZaSVw2xUJXUl1lt5-Ru1z2mWp0RsniM5ao1wDtfjONeNZb1bLLnUHPWki-wfVwyTbPFgAZf9FWkypQXU06CWslNlFCVODYrI_DqZEaQah-jKj42ZF57n057orGeIS08dMKD9rV2EcnH1NGhVmCVyjMbRQ2DMubevZPed74Y7apIagSpRbFpUyuRa-_-N5ZnCym-79AwUCk4h4tnQ8uOk9uXWc3J&sig=Cg0ArKJSzEMq68BmC-MfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=275&vt=11&dtpt=189&dett=3&cstd=84&cisv=r20231004.04868&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C5C 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BB2bG74oiZcb_K8y6x_APyv6zwAoAAAAAOAHgBAI&bg=!S0ilSAfNAAYMG8UMLBs7ADQBe5WfOPGl24jV5PnN96GZR9uUirOLO2s54cY0zgR0unKpFAmAoyqC64xwV4bLZ2WWfFcTAgAAAHhSAAAABWgBB5kDBJsIbVUTGxiqIitXGzolsTHcEhY6C7V05azqlbHtEBuXR-nWx4z3J2YyIGYwDE4X7Q1c14o6N6mme4b8RcZ165DPeS6t690mk6OgnvuTJ22AbQ-eersBk8vYRyjnRtSgHrZxn2Fjw7VHb7_nnDhxxyry3jmZlGfY2o-XuVD5Njf66qC4ja-t6vp5NRBsTTxkliIJyMAK4sfK3p9iD3x-eyAP5BYhpagCX0zWVplO0haqwSbmk-UAZduJZsd8UI-iEtpXUAlvaFjY1yx6o0GThoW0AlPNQ2wKNBTXAXEfVw3u--2e-VbTj2akltXM5zfAeh9g8YDngE5OaZxITQwEXOVvEIcB2L6iB0FwFmDOeIp0Lnfs2Br4maJ9nQLojZjTgQBfWDMINuSt58XAmVBDLoDvfzIK1MVM4Jxbh_rUL7M4w2QDYQUrG2njSPmVoRIWLtHmYqLDqxzFJpd8T5jCYbeiKzh-iVz7BvG5_d7XJowol4alXAhk9ccKUOHdrdYQDBnlJRAvI8xNWxmojwgO5_cSNQjH3w6S0EbdId129gM8sosOuIlC8AL7obtIHbgdusDMOY2uOWMT6oCIKR3P6sDMKvnleI_JdVOSsbwAh7c429kPy8cTXDVkCHPJ4ln1yw6bYOl40HLtmoEuvQxmUsiTiYvP1qupEQ0To5TBXBhnlKhvNognDexmTEXwcenaEdp3IzF7fQqQREy9Xp_JhS2dkU5PtRHNLtpc2__znBx5ZO7NxGNdoE4s0v_o4cFJqQICTxjo66pb-1vysEAImisaBMcHhL2g-m50j9QcPfDvjiCzfxODVqHjNmbESpAofCBdVy-Ili4C3m0t1SwMbEeicmxYPSpq_wXLFB21mwYt_TYuOEKHbSngsVap0yads_MIGadd4a-971pZYA1ylPerBGP_31Gwb2N-P1nVh9QmRc8SMDkF8FpXOFFkfTNqF74-M3mr79w0ff4skWcOZOwrmFhDaHaq38-oIxe5SoaZDrMxWbwG-wDt5Hymxl_hxskR80c

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 109ms
69ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a1273fc1a73712baba00481f7872386018fc62db6c38570bdbf29c4e1f3fd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11727
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9E28580937054D5BB67BA29BA8DEFC2C&RedC=c.clarity.ms&MXFR=39674DE2EFB86C9217505E46EBB86230
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9E28580937054D5BB67BA29BA8DEFC2C&MUID=0901C8604ACB679A3960DBC44B406687

42 B
444 B

51ms
50ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9E28580937054D5BB67BA29BA8DEFC2C&MUID=0901C8604ACB679A3960DBC44B406687
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:47 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ACA8D7E73C524419949386FF4B12233F Ref B: FRA31EDGE0521 Ref C: 2023-10-08T10:56:48Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9E28580937054D5BB67BA29BA8DEFC2C&MUID=0901C8604ACB679A3960DBC44B406687
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 info_icon_green2.svg
s0.2mdn.net/sadbundle/1925797485347601559/ Frame FAB1 955 B
447 B 20ms
20ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1925797485347601559/info_icon_green2.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a0fc06cad863bf4d0bc2fea3b3e88aade6454d848b1f089c717f93f25347640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1925797485347601559/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Thu, 05 Oct 2023 06:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275719
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 418
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 11:44:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 06:21:29 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078611

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 Oct 2023 10:56:48 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
297 B 1150ms
474ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.12/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bolatimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Access-Control-Allow-Origin: https://www.bolatimes.com
Date: Sun, 08 Oct 2023 10:56:49 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A6F9 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 47576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 21:43:52 GMT
expires: Sun, 06 Oct 2024 21:43:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1A77 829 B
558 B 43ms
43ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

69cb7cb2a1722fbadce212a0f9648ccb20e27d71eda68c016e6d405a2a7930b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-loRYohwGNwsU1IhhUFWhSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bolatimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-loRYohwGNwsU1IhhUFWhSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 10:56:48 GMT
expires: Sun, 08 Oct 2023 10:56:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
BLOB 206
Partial Content 3605ffda-66db-4c24-9abd-4e25d59bd0c9
https://www.bolatimes.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bolatimes.com/3605ffda-66db-4c24-9abd-4e25d59bd0c9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame A6F9 37 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sat, 07 Oct 2023 19:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Oct 2024 19:05:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1A77 0
0 55ms
54ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310040101&jk=3002712496637030&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

GET
H2 200 1 Show response
servicer.mgid.com/1520395/ 2 KB
1 KB 63ms
62ms Script
application/x-javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1520395/1?mp4=1&ap=1&w=1570&h=2&wrongImageSize=1&sz=1x1&szp=1,2&szl=1;2&cols=1&sessionId=65228af0-0218d&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fwww.bolatimes.com%2F&cbuster=1696762608357239871358&pvid=18b0eeeb99484808ba8&implVersion=11&cxurl=https%3A%2F%2Fwww.bolatimes.com%2F&scum=%3F0&scuw=%3F0&niet=4g&nisd=false&pv=5&lct=1695772800&jsv=es6&pageView=1&dpr=1&ref=&tfre=2048

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/bolatimes.com.1520395.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b2510d76a672bf8cf51e08547814a4a5ccf4db6b97896628aa89e1a16ac213

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 812ddbfe4c36918c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A6F9 0
10 B 18ms
18ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vSq5lA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDkvNDc1ODIxLzcyZDFjN...
s-img.mgid.com/g/17337106/45x45/-/ 1 KB
2 KB 181ms
132ms Image
image/jpeg 2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17337106/45x45/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDkvNDc1ODIxLzcyZDFjNjk4ZTIxZDhiOWYwZDZmOTQ5NzYxNzliOGNjLmpwZw.jpg?v=1696762608-3EiEUeF9-VZ4btkjrRQCqpvguAF4SyeC7hrPUQt9_cM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f11a2aa7c49c5f4c428d892f9dc0065b317e5346e68347b3d4d4ba5235ca6e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.bolatimes.com/
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Sat, 07 Oct 2023 00:15:03 GMT
x-mg-request-uuid: 2cc90dd9-b032-4f32-af12-545766b1776d
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 812ddbff0d3e5c68-FRA
content-length: 1389
alt-svc: h3=":443"; ma=86400

GET
H2 206 0b4b4d4b62647354ff55e41ccca7bae2.mp4
cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2023-03/635330/ 917 KB
918 KB 82ms
36ms Media
video/mp4 2606:4700:4400::ac40:9281
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2023-03/635330/0b4b4d4b62647354ff55e41ccca7bae2.mp4?v=1696762608-i4zNEqcz6NHwZIQGWo1FUItU5E-n5Pwp0TQ-TLgGwtg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9281 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ff6a4f1d037ee4e10264440d5875f61f3579b72c19b386d2f147ac8c73fe92d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bolatimes.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
Range: bytes=0-

Response headers

date: Sun, 08 Oct 2023 10:56:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27485
Content-Range: bytes 0-938950/938951
server-timing: cld-cloudflare;mitm=c;dur=192;start=2023-08-29T04:05:46.159Z;desc=miss;cloudinary;dur=170;start=2023-08-29T04:05:46.179Z
alt-svc: h3=":443"; ma=86400
Content-Length: 938951
last-modified: Wed, 22 Mar 2023 18:16:06 GMT
server: cloudflare
etag: "b40be2b525b14a09acbeb6b83dc0b91a"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, max-age=31536000, no-transform, immutable
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 812ddbff0f1e18f1-FRA

GET
H2 200 /
www.bolatimes.com/ 40 KB
40 KB 38ms
38ms Image
text/html 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:48 GMT
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P4
age: 3
content-encoding: br
x-cache: Hit from cloudfront
s-device-type: mobile
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lt09u7SHEhVZC4SZZJ0MEu5B8A%2F6mlGKRGrGxt0voPiz4oAy8pMq86xf9xO6DRdLPw5o%2BklGiSh772Hb91mesY0NiSjsHnUjNgmLVa1AiGucJrax3JZ4Rcf0dIKNZAImMHS51aW%2FWmE6uPhJ1Qks"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 812ddbfeca492c2d-FRA
x-amz-cf-id: J1d7U0PKLxzkQQH4bjkf2-VNssXZQn2NqwHj77w2zhinwxIKIFwc3w==

GET
H2 200 i.js Show response
cm.mgid.com/ 0
104 B 39ms
38ms Script
application/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/i.js?cbuster=1696762608441375486548

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/bolatimes.com.1520395.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 812ddbfeccd1918c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame B0CC 0
38 B 35ms
35ms Script
application/javascript 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/i-noref.js?cbuster=169676260845080036970

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/bolatimes.com.1520395.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 812ddbfedce1918c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 136 KB
29 KB 89ms
32ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/bolatimes.com.1520395.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c96b67edd277b9d12add863bf157c68853eb1429929972195f629cddc8b6b48f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 10:57:30 GMT
server: cloudflare
x-amz-request-id: 82CTWJ43ZAZ01J33
age: 87
etag: W/"7810b7b6142b3bdb32696e7b2987bc71"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 812ddbff3fc537ef-FRA
x-amz-id-2: Ho7TMT6k99JCtC+MR7AceafH35CR23F5c4FmENM6qWIMAjNVSjWKSPU2tjhSmHVgg6/WNi9wYEQ=

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 72ms
19ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/bolatimes.com.1520395.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Sun, 08 Oct 2023 10:56:48 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=87917
accept-ranges: bytes
content-length: 63913
expires: Mon, 09 Oct 2023 11:22:05 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5215 42 B
64 B 66ms
66ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstd8KzbQomiocPQkr7daXP7neO0Q-eFBhb0AJ5Y_qQXbypJeKESx_bNGEs5OAs9yOx45CG72JngRIDDC-bJm2TVnNurHTz0jpEz2U0y8qhFsiY5fsgw6OvlUMxmevkl6AgynQg8K-GYxvZzWmpbVEDkbZBkRVwyWTAH9Aqq7ZU9H2CYK2UaZ-C4edSQ0z4hMjIsB0W_mfNJ_Vah3nkkbbKcY6w&sai=AMfl-YRrCwedcT87roCKWFEC_c-VJ49XUVqqZqRXkj9frxqhiK0WMYF0RKU4IWq58l882pIy31j3uB3P8XKWhAgpiCQhN8qQ5DBP4DwXJVC_XtQDh0PxE_G0q1n18Q0W0AnrzsKg609J7YQsUhkcFw&sig=Cg0ArKJSzChbBG2Of3X2EAE&cid=CAQSTADICaaNPM8SDAn0ifPDcYFkj_GjYEr3tSZt_o1uYU_7Gq5iXa0s5z_JWjREwJCqY6BIS7s14BDGFi-lYVf97nLLbsYPcQiUczwMbVwYAQ&id=ampim&o=640,0&d=320,480&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=360&tls=1362&g=100&h=100&tt=1362&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E826 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpv4A7SmDtRtgsYMFVsxf773ME5op17_l40D4TgTugro_79_WhmG2yWUu6BSnvTkWBUmxPYdkzlqw7P4w3eyAQAS7nL8SVG4bmUY0e-19p0NQZ6_KS0Phl5ODr6gVgNNoV9p15apIkm7Ng&sai=AMfl-YQLXHDDFS06kGivoOV5_DPicoHIGmBs1VXa0fZXctagN91yVleUXgtHLkdAdOKbFhQr8_o49Bq45oIRgZcKs__2BUdGZF-AuJHAtVR2uCgN9YDamLI0WXjpdLes2QmtOhTc0GZXb0ZSOLWYnA&sig=Cg0ArKJSzKDULNP5RlpmEAE&cid=CAQSTADICaaNPM8SDAn0ifPDcYFkj_GjYEr3tSZt_o1uYU_7Gq5iXa0s5z_JWjREwJCqY6BIS7s14BDGFi-lYVf97nLLbsYPcQiUczwMbVwYAQ&id=lidar2&mcvt=1003&p=1100,640,1200,960&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2814197318&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696762607280&rpt=531&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310040101&jk=3002712496637030&bg=!XV6lXhHNAAbjlzx0w5c7ADQBe5WfOP0gF6xJRCpIMTDduvkLtHsWBE3UM3_-ZpPqWywRF4AUGPDvuiEa43qR1fXD-3KYAgAAAE9SAAAABmgBBwoAZWWQ3pRQcu1BtWmsGwIF1GYbm4ynSPwjl6IzDV66ZzZzCQ4ZilT5COF_aIOw1PGm7hO5Hgxr_KHxfwA0ZrV8vtOTWL3S4kaPebkKybq0dIGsBuLHhOVcdFOIh4qBFkJ5VB0mIJULmQKwiGF0WugYYrM4noWKmS3XAVkisW32Km7NaL_ZXJUm2iuy499IAbjafZaKeTOaZ6zP4K-NdJDjp3A4bJtDEWL9h_dN6RO8p1ds5dkGGTFq42w4OCEkXMJw0_9YGODIljJIE-j-m1qxJcfrwB6yhe84zeOC-D4_qT-qgnZ72B_df-do9SYoGwuydt4uBbQfKPFdyla5XjwI5hJim93Gy8PXNndV9JJiHvQJ6EhJsfROHhSit4dHQuRf1MoRMuCWDqQQnjIdIPRY5-L60_lmn8VquOH0wunspeYcxaSdzbJy37PLSjl6Rcn7cv8rrv_45UM-2flcDy2DTXenT_DfojL9QKe6xFreOYjqtRbPisfgJ68bWulfGpGcZ-z04DqXEI7Xu0ReOpStrfkTMNmiuNmQGbs7qVH56nI7UuMF7l8FSp-aXnH9oTFvt1OEy6JI5daY8-aBnBGSDmoijVkJyNvfgHMrOTDaKuPheznrIswlYMCPQr3yjQpQcMJkF6BtCmVtJI005WSt94VMWOAZuhBjC15zQkoynTb7-_4nK1VmkMbi2s_vFJokdMMh510lfjGGRK7QE1vFkZkxMpDOfFq6qQdxANqTeAp-x1xZb3tseyqCBiSfO7m3FHF9DUs2gYbl_UpHSukFdClgs-vo7WQ47v6zUOpVMG2Z8HAKs8vUK0EEX38VNxr31rhiqD_-2E7t5jyhvC0LwaN1-MUaji7VPbu8F2J_1teT329qFNfmvawpHNQa0sEIasW_SrAX8Eo0e1usLKM7M1lLtuwOi-CFWWkHBgiK4_oXfnXj6jwqSTQE62KJC6CWQzTUOjQFF7-0aTLkDcl4Y3EbCMYBtFykHLi3Xc4s4_itTvZhWSmI5aKfHtClQEBTio_PkTL2AMd8gxReKmXhi1IPyjCM0oaGHQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 4CAC 0
54 B 128ms
125ms Ping
image/gif 2607:f8b0:4023::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lnhcnbcv&c=6206120079248&slotId=3103060039624&qqid=CNXzxqOl5oEDFYO63godjaALGw&fb=web_video-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=500&br=486&mt=video%2Fmp4&vs=720x406&msm=1&aits=0%2C18%2C22%2C692%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&met.4=arp_a_e.lnhcnbcw~vil.lnhcnbk0~vfl.lnhcnbnx&umsem=0&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023::78 Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E826 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7485266594741&version=m202309260101&ct=76&x=1&cor=17876430472103873000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
277 B 76ms
20ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

23b616d2f83ffe139db0e1a645621a4fe5947c07ce87108305f76fa094c1a999

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.bolatimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bolatimes.com
date: Sun, 08 Oct 2023 10:56:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 v2 Show response
id5-sync.com/gm/ 276 B
559 B 78ms
23ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v2

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

5ce35aa0b845b9d777669b64281dc27b8a39cea71de4dd240f849b10d5346434

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.bolatimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bolatimes.com
date: Sun, 08 Oct 2023 10:56:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
297 B 116ms
115ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.12/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bolatimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Access-Control-Allow-Origin: https://www.bolatimes.com
Date: Sun, 08 Oct 2023 10:56:50 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 28ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-R6NQQ7RXT0&gtm=45je3a40&_p=1272748223&cid=881353073.1696762606&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&sid=1696762606&sct=1&seg=1&dl=https%3A%2F%2Fwww.bolatimes.com%2F&dt=BolaTimes.com%20-%20Berita%20bola%2C%20Jadwal%2C%20Skor%20%26%20Liga%20Eropa&_s=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6NQQ7RXT0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bolatimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 10:56:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bolatimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bolatimes.com/	1970-01-21 00:55:22	Name: _ga Value: GA1.2.881353073.1696762606
.bolatimes.com/	1970-01-20 15:20:49	Name: _gid Value: GA1.2.431206431.1696762607
.bolatimes.com/	1970-01-20 15:19:22	Name: _gat Value: 1
.mgid.com/	1970-01-20 15:19:24	Name: __cf_bm Value: 5vhjR.kKKTs6l5jCym0IgchcIJqHF2KWNtBbwWy58bI-1696762606-0-AebMgGGPDfP5vzU8Nc/x6bL3qWik7/CpjQSME8V5gqFj2ZuoanSlaW+zOiUbQDH8ENJyfeMS5134oFHZMSn1zHc=
www.clarity.ms/	1970-01-21 00:04:58	Name: CLID Value: 3ca3d331e61a40339acc692badcc0114.20231008.20241007
.bolatimes.com/	1970-01-21 00:04:58	Name: _clck Value: h09qas\|2\|ffo\|0\|1376
.bolatimes.com/	1970-01-21 00:40:58	Name: __gads Value: ID=99a030b502283130:T=1696762606:RT=1696762606:S=ALNI_MY7vJNkvgpx8avOwsZ_uzPmDX6cGw
.bolatimes.com/	1970-01-21 00:40:58	Name: __gpi Value: UID=00000c91b48d7b3a:T=1696762606:RT=1696762606:S=ALNI_MZyz1A40t6uAzLz2Mn1WU6OAhzYKg
.doubleclick.net/	1970-01-21 00:40:58	Name: IDE Value: AHWqTUkiWrIBMjhCoJKDehFM11VWnv6AC-sgaMdbJ7KNVGfo5cMEXfGlt6E7gsmaG7E
.bolatimes.com/	1970-01-21 00:55:22	Name: _ga_R6NQQ7RXT0 Value: GS1.1.1696762606.1.1.1696762607.59.0.0
.izooto.com/	1970-01-21 00:55:22	Name: IZCID Value: 4e928325-18f7-4d35-8f78-e2dea1d8cad8
.bolatimes.com/	1970-01-20 15:20:49	Name: _clsk Value: 9chqmh\|1696762607675\|1\|1\|t.clarity.ms/collect
.doubleclick.net/	1970-01-20 15:19:26	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-21 00:04:58	Name: CMID Value: ZSKK7yWiSeI8aJUwARUnJQAA
.casalemedia.com/	1970-01-20 17:28:58	Name: CMPS Value: 5201
.casalemedia.com/	1970-01-20 17:28:58	Name: CMPRO Value: 5201
.adnxs.com/	1970-01-20 17:28:58	Name: uuid2 Value: 4297917317842978384
.adnxs.com/	1970-01-20 17:28:58	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>@ttw-6!]tbPl1M>e)ZlrFUfJ+tGXxpOV?`/1TG$TnAI>BVy8C[9#0u.b#s6FBvAWVbpRzqF1`b_IV*$Nzp
.googleadservices.com/	1970-01-20 17:28:58	Name: ar_debug Value: 1
.bing.com/	1970-01-21 00:40:58	Name: MUID Value: 0901C8604ACB679A3960DBC44B406687
.c.bing.com/	1970-01-20 15:29:27	Name: MR Value: 0
.c.bing.com/	1970-01-21 00:40:58	Name: SRM_B Value: 0901C8604ACB679A3960DBC44B406687
www.bolatimes.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1520395%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221696762608427%22%7D%7D
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 00:40:58	Name: MUID Value: 0901C8604ACB679A3960DBC44B406687
.c.clarity.ms/	1970-01-20 15:29:27	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 15:19:23	Name: ANONCHK Value: 0
www.bolatimes.com/	1970-01-20 16:02:34	Name: _pbjs_userid_consent_data Value: 3524755945110770

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0e25af42c407e650ec15c2b1ed26548e.safeframe.googlesyndication.com
ads.pubmatic.com
api.realtimely.io
assets.bolatimes.com
bid.g.doubleclick.net
c.bing.com
c.clarity.ms
c.mgid.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.izooto.com
cdnjs.cloudflare.com
cl.imghosts.com
cm.g.doubleclick.net
cm.mgid.com
connect.facebook.net
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id5-sync.com
jsc.mgid.com
lb.eu-1-id5-sync.com
media.bolatimes.com
media.suara.com
pagead2.googlesyndication.com
r3---sn-4g5e6nzz.c.2mdn.net
region1.analytics.google.com
s-img.mgid.com
s0.2mdn.net
securepubads.g.doubleclick.net
servicer.mgid.com
stats.g.doubleclick.net
t.clarity.ms
tpc.googlesyndication.com
ua.realtimely.io
www.bolatimes.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.27.193
142.250.186.66
162.19.138.119
162.19.138.82
185.89.211.84
20.114.189.70
2001:4860:4802:34::36
216.58.206.34
216.58.212.162
23.32.184.192
2606:4700:10::6816:3556
2606:4700:10::ac43:f6c
2606:4700:1::6813:814c
2606:4700:1::6813:844c
2606:4700:20::681a:14b
2606:4700:20::681a:82c
2606:4700:20::ac43:45e2
2606:4700:4400::ac40:9281
2606:4700::6811:180e
2606:4700::6812:d841
2607:f8b0:4023::78
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:1::8
2a00:1450:4001:800::200e
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c04::9c
2a03:2880:f083:9:face:b00c:0:3
64.233.184.156
68.219.88.97
0240de66a7b445f61b5a32e74c7d1dff431ac48b1b218ba454275b8f22046368
05b16802d382b669e0d5e2c5c44b7d1269334df341650d62bf895fb10f587b2c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0a1273fc1a73712baba00481f7872386018fc62db6c38570bdbf29c4e1f3fd3c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0188c48ab8424aa92ea2893388576c6e4feac9602110dbf6d0458e1dcf22e7
14bcf2fc55ab84879c8921f46b78390a170331bcdc34b0a31c87f8799323b53a
15f1a9162f8b23fbefabc5cf46391cbe497e60b62ca7aac69161f66d5f4f8ae8
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16b02deae31dfbeb6fe3a1a237df0f07be872bdd04f7a1142f27e6876fbbc333
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762
1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8
1bdbc1eb98f5f8d1ea70977b0c83e3b8ae2406c064f3455d8ff74704d8bd322e
200806660678f77a609672e6511b753daa50a148b89fba26584272ef0f044cd4
23b616d2f83ffe139db0e1a645621a4fe5947c07ce87108305f76fa094c1a999
2eadf86ab162e1d578164338aea12323e59534a9d43fbd526d609a667965003d
309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3354f69c3a6ff57792925385a7969593f09e0101dadb55bf97dfec6b042728b7
33b67867d9b5e7368c145a0e6cd5eadcefaf748375fe7fa0efeae7bf09add492
35e68c9e35c407bf89ac4d4c52a97a66a68be0834358b72678d89252294aa005
3be61af8ca1be1fea37c76d6fcaa4c3076fe975ceed168c92f786f19bed21392
3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08
3f25d45fef15a19a0ca5c6ceca5853982dc4a7f2dedf315fcfc4c7d5ea5a24a7
40a37673e327753478f464fbcbfae6cb4fc25108e57fa4c310a514b41c5a9f7c
40e5ad82e953ba7aae04c19f915981f2d8474dfc289466d6237faf009abc2cd3
414405a41dc818b5d2d5fbf03f51c04177651c751cf3d0fca72804b7b3fed16c
419d893194f69ac2db2e074e5080893756f9dd61824311b40fc29d7a5150c93d
41b18c9bf802b571620cc982322287b5dc4254db9a4d88e409b2940218673a60
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4561458a80ca94b698ec8c58e55bb29b7e46bd663fedc2f1b5fe57943eedc25f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
4ff6a4f1d037ee4e10264440d5875f61f3579b72c19b386d2f147ac8c73fe92d
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
51003b78d5d1f9a4004c95583d27f9a3d90c58255bbe4db1251dd9615a1d0ee2
535520dc8857dfcf9610d361f99e9d419786585dda328a3f6635eba5982803d4
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ce35aa0b845b9d777669b64281dc27b8a39cea71de4dd240f849b10d5346434
5f8af653199669ec9c5aa0ae56efb4d010ddbad370d27100ee9811058f1ded31
5fe10d22627b04079f10250845bccdd07f7ac5e86f4a1cb8005344a620d1d378
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
677e82e25404550de66bc0556dc5607d07177827ae3a1f068042e2d136bdc65d
69cb7cb2a1722fbadce212a0f9648ccb20e27d71eda68c016e6d405a2a7930b8
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6ed654d864a83081f65642d7c153595a722b58a0ab5776dba72f2c767b41930f
74981cb09dd218c19461cb24e26866c319bbc5bce587f22aedd218469ececc79
75c6b260fee00db1fe67db954b335fcb5f19f4d339f33ba1228b90a54ea88042
787b56142db4c0a5e6fb21531944e1dca215e14d02867fe40a326b26d08995a4
7898cbdb9f85256c3faa4087495ba8efd913651310ff3a38ec09e403bf250c2b
7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5
7a8f6b9d1ced96d2b4087dbcfcdb70fec9c1111a5a4588642e35b9c571884941
7b051e91c4152250e78940e4bccae03d710d4e26a24f4bcb405291d9b75bd2a0
7c74fdb850c236f9c4d37617751eace1f3f22eb0886b959278b399aee0d4450f
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
817c356f21486b62d62a46a0cb5dcc6a4899e18d091d06a28472fefb54c0c15a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
883a29c21486a48d72aa479ea8b908b107903e004718806406b6ca60b0782dbc
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
8b0d8d7b02ba866840b7efdc13935087a1a24133108a3ba8e83bef6ce83b17e4
8f11a2aa7c49c5f4c428d892f9dc0065b317e5346e68347b3d4d4ba5235ca6e0
91b2510d76a672bf8cf51e08547814a4a5ccf4db6b97896628aa89e1a16ac213
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94c02a86ea35dbd60a2359445f117d1faec01986f211ca967e52c382b8fcc0e6
95cd0c0f4ec29744afef0d2b001f3affe95419106afff4f93339574c9067db51
95ef3768ec0f5da28f4b121793f4f71d60b411c53569b19aa2a48cead3c3c7a7
977a886e5d9068b3ed8dde6e511ca22ccf44cbed7fb881d0b8b74619fe462e21
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a0fc06cad863bf4d0bc2fea3b3e88aade6454d848b1f089c717f93f25347640
9ebcd7bdb5554e57888241a02b80e12230b08db50cffa39d16002b3726a55806
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a3412226f2747d70f2b4c65b43f891c9711ed6dd0df58cb37d45fad386e33059
a54dfae1c3497141384ac0f7b651cfa51a2a74e777d11a7b5a185f0b2182f837
a63fc1ddc963bb7b1fa84264c2d2650dd951ff93719bd7a9569c2ab632f49d99
a6c3c5ac5900e2fdeeea6e3c9514871617b72608b224e33f329b0b4d8e91a85f
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab6a4b24914043e50e5be2a01c4829b2cc8ad6f6e6ebed76d77634a56b02453c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a4198aac2107c45dc0d5c25bb2e1ad3420efc9fcc02cd7c2fe7cfee0d2b880
b69f62c23c32d363eca98482ad5b3399aafad09de4bfa76c661d287eec783159
b72047e106d8af7cd4e767569535ab3761130c42e32060d5daf940ccaab6382f
b86e678f724241714425a98d49c80fcdee4cf52b93c913b56ae403d2e423d3e4
bd9a6192274f8f2f3ce31cd3d2cae5ebe32e2fa86fc7c4f60a3c28556e496d56
c3b53536facfed547d2c1809944ea7c227b43e3e7ae6c833c461066a1d158545
c4c5e27fc963fc2e305676877f0a878895401cb73e4b0f43b513c356cb991bce
c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297
c6f5e506db19cb972a8173e9a44a15402ee87b6fc3dac64e399a0215f58698f0
c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b
c96b67edd277b9d12add863bf157c68853eb1429929972195f629cddc8b6b48f
c96d78e994736f78449cabb5f36989a38a6f1f5fd98473488ca6a22bf4e1e89e
caaac5ceac0b6ddb9faf4d2adef2368a5fa9e3ed07f7d2455d4af0cf5bc82db2
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d418ae6c99d8c30ef4366e7203240880506d01cec9f8986c1cd562f9fd79937f
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
d627cb536ab6c40fda9104eeff862acb873ab09aa8af52009ba658291b2fda26
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea03a999b8433a618cf9396f440bc28c2170c56cd0687c0b84e22ca5789cd5d6
eae6ec35271b5240060c11bdabd4e0f3308cd981d4822da9734b4667df33cb27
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30706f6f7b483dea438968b354d5329358eda60a7f5b0c864576b12e4d1c769
f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f88b9cc78e1698bac982d615bfc953a2bcfb1f30b9372763a8ca6a5f81095910
f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499
f912229a91ef5a43ee72f2aa9d2e1969feea6cfdb6318fa34fa814171b7a1d24
fa03e14db9e4a4f968fb0ab7eafa9a90dd7ed860cf809fe1557fba126bf34380
fa4ae93330f3a0b8e253e34bc6d66018d996fb5d56ef0802e6def0d91fd035c0
fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1

www.bolatimes.com Open in urlscan Pro 2606:4700:20::ac43:45e2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

168 Requests

93 %HTTPS

75 %IPv6

27 Domains

49 Subdomains

43 IPs

5 Countries

4713 kBTransfer

8525 kBSize

28 Cookies

20 Outgoing links

Page URL History

Redirected requests

168 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bolatimes.com Open in urlscan Pro
2606:4700:20::ac43:45e2 Public Scan

Screenshot
Live screenshot

Full Image

168
Requests

93 %
HTTPS

75 %
IPv6

27
Domains

49
Subdomains

43
IPs

5
Countries

4713 kB
Transfer

8525 kB
Size

28
Cookies

168 HTTP transactions
5 data transactions