www.bolatimes.com Open in urlscan Pro
2606:4700:3034::681b:9168 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bolatimes.com/
Effective URL:
https://www.bolatimes.com/
Submission: On October 11 via api (October 11th 2020, 4:04:30 pm UTC) from GB

Summary HTTP 106 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 18 domains to perform 106 HTTP transactions. The main IP is 2606:4700:3034::681b:9168, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bolatimes.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 18th 2020. Valid for: a year.

This is the only time www.bolatimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 47	2606:4700:303... 2606:4700:3034::681b:9168	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:814::2008	15169 (GOOGLE) (GOOGLE)
6	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
1	65.9.96.53 65.9.96.53	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6812:d841	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.96.60 65.9.96.60	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.111.253.46 104.111.253.46	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.96.115 65.9.96.115	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
2	13.124.83.177 13.124.83.177	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
1	43.227.116.104 43.227.116.104	45974 (NHN-AS-KR...) (NHN-AS-KR NHN)
1	211.231.100.211 211.231.100.211	38099 (KAKAO-AS-...) (KAKAO-AS-KR Kakao Corp)
1 1	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE)
1	13.124.190.254 13.124.190.254	16509 (AMAZON-02) (AMAZON-02)
106	24

47 2606:4700:3034::681b:9168 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bolatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.bolatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.bolatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.bolatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.53 (Seattle, United States)

ASN16509 (AMAZON-02, US)

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.60 (Seattle, United States)

ASN16509 (AMAZON-02, US)

m.suara.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.253.46 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-253-46.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.115 (Seattle, United States)

ASN16509 (AMAZON-02, US)

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b1e656fa040ac091d0f51596bc6a5674.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.124.83.177 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-124-83-177.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.227.116.104 (Korea, Republic Of)

ASN45974 (NHN-AS-KR NHN, KR)

ace-sync.toast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.231.100.211 (Korea, Republic Of)

ASN38099 (KAKAO-AS-KR Kakao Corp, KR)

analytics.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.226 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f226.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.124.190.254 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-124-190-254.ap-northeast-2.compute.amazonaws.com

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	bolatimes.com 1 redirects bolatimes.com www.bolatimes.com assets.bolatimes.com media.bolatimes.com	682 KB
19	googlesyndication.com b1e656fa040ac091d0f51596bc6a5674.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	234 KB
9	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	145 KB
5	ampproject.org cdn.ampproject.org	108 KB
5	google.com 1 redirects adservice.google.com www.google.com	494 B
4	dable.io static.dable.io api.dable.io adx.dable.io	31 KB
3	google-analytics.com www.google-analytics.com	18 KB
3	izooto.com cdn.izooto.com	35 KB
2	googletagservices.com www.googletagservices.com	55 KB
2	facebook.net connect.facebook.net	64 KB
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
2	googletagmanager.com www.googletagmanager.com	70 KB
1	daum.net analytics.ad.daum.net	571 B
1	toast.com ace-sync.toast.com	650 B
1	google.de www.google.de	106 B
1	google.ch adservice.google.ch	890 B
1	facebook.com www.facebook.com	264 B
1	suara.com m.suara.com
106	18

	Domain	Requested by
27	assets.bolatimes.com	www.bolatimes.com assets.bolatimes.com
18	media.bolatimes.com	www.bolatimes.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.bolatimes.com cdn.ampproject.org tpc.googlesyndication.com
6	securepubads.g.doubleclick.net	www.bolatimes.com securepubads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	www.bolatimes.com securepubads.g.doubleclick.net
4	www.google.com	1 redirects www.bolatimes.com securepubads.g.doubleclick.net
3	b1e656fa040ac091d0f51596bc6a5674.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	cdn.izooto.com	www.bolatimes.com cdn.izooto.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	api.dable.io	static.dable.io
2	connect.facebook.net	www.bolatimes.com connect.facebook.net
2	www.googletagmanager.com	www.bolatimes.com
1	adx.dable.io	www.bolatimes.com
1	cm.g.doubleclick.net	1 redirects
1	analytics.ad.daum.net	www.bolatimes.com
1	ace-sync.toast.com	www.bolatimes.com
1	googleads.g.doubleclick.net	www.bolatimes.com
1	www.google.de	www.bolatimes.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ch	securepubads.g.doubleclick.net
1	www.facebook.com	www.bolatimes.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	certify.alexametrics.com	www.bolatimes.com
1	static.dable.io	www.bolatimes.com
1	m.suara.com	www.bolatimes.com
1	certify-js.alexametrics.com	www.bolatimes.com
1	www.bolatimes.com
1	bolatimes.com	1 redirects
106	30

This site contains links to these domains. Also see Links.

Domain
arkadiacorp.com
www.suara.com
www.matamata.com
www.hitekno.com
www.dewiku.com
www.mobimoto.com
www.guideku.com
www.himedik.com
www.serbada.com
www.facebook.com
twitter.com
instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-18` - `2021-08-18`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
*.suara.com Go Daddy Secure Certificate Authority - G2	`2019-09-23` - `2020-11-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
static.dable.io Let's Encrypt Authority X3	`2020-08-25` - `2020-11-23`	3 months	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
*.google.ch GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.dable.io Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.toast.com Sectigo RSA Organization Validation Secure Server CA	`2020-05-12` - `2022-08-10`	2 years	crt.sh
ad.daum.net Thawte TLS RSA CA G1	`2018-12-11` - `2021-02-08`	2 years	crt.sh

This page contains 8 frames:

Primary Page: https://www.bolatimes.com/
Frame ID: 4A77E1C7E04D023BB16FC99617389DEC
Requests: 80 HTTP requests in this frame

Frame: https://m.suara.com/feed/widget/bola?mode=vertical&utm_source=widget&utm_medium=bolatimes
Frame ID: BBDAC19075E6D6118C36B5A63E4C218B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html
Frame ID: CA1D6CB95EBE99977F82D7A1BA741064
Requests: 1 HTTP requests in this frame

Frame: https://b1e656fa040ac091d0f51596bc6a5674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 50F7512F51BF0D5B33F74C18DAA69F4A
Requests: 1 HTTP requests in this frame

Frame: https://b1e656fa040ac091d0f51596bc6a5674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 97085537A05966352590286AE4FFC114
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4OMJx8UZCVTSCQ35x5CO8x3vSexOwoktJtz0OL0b9NKpb6OYcr1ESRThL4XDIJo-fcXoHZFp10SIjgRWZArYqAjlEEsnfQz20CU63QRzKFlCJD3y5o80-uviLs-3OcS_nqeb3CqeqssiTTf8qh1jXxbeE-AJ4T7cpiqvoOYXWlQi5npMlxugBh66BnXeXT9LYeylt8ZSzenQWdUe1BpQ8mWItQhB8yuipLcVhbQQqafHeztk3SFOknxyXPgn_aN3PJyxFrX9cIC_v2g&sai=AMfl-YS60zcMpXblYzg2yRUhp7E3lDUbs4kOaW9nQHOyK-Xaz7qbF-12YBdKXQHdWpjvAQ14snButhxD-IOZW6pcTt9ZFllx4u4qVyZ6Lhz-gkGsFC-giapK4dafnIwuvjWJ&sig=Cg0ArKJSzMVXKLppghkmEAE&adurl=
Frame ID: 4B8D277DBF0C49B12FF34BE2C33348D2
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js
Frame ID: C450E16F7C58C97F0C1AC48E7DFF83ED
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 5F6D058CFAF3CCA12ACB9309552255D5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bolatimes.com/ HTTP 301
https://www.bolatimes.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

106
Requests

100 %
HTTPS

58 %
IPv6

18
Domains

30
Subdomains

24
IPs

6
Countries

1447 kB
Transfer

2907 kB
Size

9
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://arkadiacorp.com/
Title: Arkadia Digital Media:

Search URL Search Domain Scan URL

URL: https://www.suara.com/
Title: Suara.com

Search URL Search Domain Scan URL

URL: https://www.matamata.com/
Title: MataMata.com

Search URL Search Domain Scan URL

URL: https://www.hitekno.com/
Title: HiTekno.com

Search URL Search Domain Scan URL

URL: https://www.dewiku.com/
Title: DewiKu.com

Search URL Search Domain Scan URL

URL: https://www.mobimoto.com/
Title: MobiMoto.com

Search URL Search Domain Scan URL

URL: https://www.guideku.com/
Title: GuideKu.com

Search URL Search Domain Scan URL

URL: https://www.himedik.com/
Title: HiMedik.com

Search URL Search Domain Scan URL

URL: https://www.serbada.com/
Title: Serbada.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BolaTimes-422088054911458/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/bolatimesdotcom
Title:

Search URL Search Domain Scan URL

URL: https://instagram.com/bolatimesdotcom
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bolatimes.com/ HTTP 301
https://www.bolatimes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
https://adx.dable.io/pixel/google?google_gid=CAESEDk2-SvyqYkTDSAJKv7t4Hc&google_cver=1

106 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bolatimes.com/
Redirect Chain

http://bolatimes.com/
https://www.bolatimes.com/

176 KB
18 KB

221ms
189ms

Document
text/html

2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4db6ab3004e72b26d8809429dc25e14e5cee63d6e8043b6ad4ad0f33986a8f6c

Request headers

:method: GET
:authority: www.bolatimes.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d8ea74834ff63d1e56b97ea1b7e8c2a9b1602432248
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 11 Oct 2020 16:04:08 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=30
cf-cache-status: HIT
cf-request-id: 05ba00c1ee00002fa59d8e3200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432248"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 5e09d0afe9432fa5-FRA
content-encoding: br

Redirect headers

Date: Sun, 11 Oct 2020 16:04:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d8ea74834ff63d1e56b97ea1b7e8c2a9b1602432248; expires=Tue, 10-Nov-20 16:04:08 GMT; path=/; domain=.bolatimes.com; HttpOnly; SameSite=Lax
Location: https://www.bolatimes.com/
CF-Cache-Status: DYNAMIC
cf-request-id: 05ba00c0fc00001f3d2bb62200000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432248"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 5e09d0ae6c411f3d-FRA

GET
H2 200 bitter-v13-latin-regular.woff2
assets.bolatimes.com/frontend/font/bitter/ 28 KB
28 KB 238ms
208ms Font
application/octet-stream 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/frontend/font/bitter/bitter-v13-latin-regular.woff2
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efa224f0529027fd03eecdf96a20811ac7d22648c2bc53b26302e231cc82b262

Request headers

Origin: https://www.bolatimes.com
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 28972
cf-request-id: 05ba00c2ce0000e003a190d200000001
last-modified: Wed, 19 Dec 2018 07:17:03 GMT
server: cloudflare
etag: "5c19f06f-712c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 5e09d0b14a3ee003-FRA

GET
H2 200 bitter-v13-latin-700.woff2
assets.bolatimes.com/frontend/font/bitter/ 9 KB
9 KB 234ms
204ms Font
application/octet-stream 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/frontend/font/bitter/bitter-v13-latin-700.woff2
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f816cb8ff889233ee6ee121d66a7ee7ec2b966c4a47a89db38e75135b7c5de5

Request headers

Origin: https://www.bolatimes.com
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 9368
cf-request-id: 05ba00c2ce0000e003a190e200000001
last-modified: Wed, 19 Dec 2018 07:17:03 GMT
server: cloudflare
etag: "5c19f06f-2498"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 5e09d0b14a3fe003-FRA

GET
H2 200 lato-v14-latin-regular.woff2
assets.bolatimes.com/frontend/font/lato/ 23 KB
23 KB 229ms
200ms Font
application/octet-stream 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/frontend/font/lato/lato-v14-latin-regular.woff2
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b

Request headers

Origin: https://www.bolatimes.com
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 23316
cf-request-id: 05ba00c2cf0000e003a190f200000001
last-modified: Wed, 19 Dec 2018 07:17:03 GMT
server: cloudflare
etag: "5c19f06f-5b14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 5e09d0b14a42e003-FRA

GET
H2 200 lato-v14-latin-italic.woff2
assets.bolatimes.com/frontend/font/lato/ 24 KB
24 KB 223ms
194ms Font
application/octet-stream 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/frontend/font/lato/lato-v14-latin-italic.woff2
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88f15027c3aadf50ab39cea089b1f8aa3a18da7c47b30569c1f7489470c05292

Request headers

Origin: https://www.bolatimes.com
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 24192
cf-request-id: 05ba00c2cf0000e003a1910200000001
last-modified: Wed, 19 Dec 2018 07:17:03 GMT
server: cloudflare
etag: "5c19f06f-5e80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 5e09d0b14a44e003-FRA

GET
H2 200 lato-v14-latin-700.woff2
assets.bolatimes.com/frontend/font/lato/ 22 KB
22 KB 248ms
218ms Font
application/octet-stream 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/frontend/font/lato/lato-v14-latin-700.woff2
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ead13ccfbdea5462c3af37aa6ae04e64ed65a31c33f76e46da5e86ec85c52064

Request headers

Origin: https://www.bolatimes.com
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 22820
cf-request-id: 05ba00c2cf0000e003a1911200000001
last-modified: Wed, 19 Dec 2018 07:17:03 GMT
server: cloudflare
etag: "5c19f06f-5924"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 5e09d0b14a46e003-FRA

GET
H2 200 lato-v14-latin-700italic.woff2
assets.bolatimes.com/frontend/font/lato/ 24 KB
24 KB 225ms
195ms Font
application/octet-stream 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/frontend/font/lato/lato-v14-latin-700italic.woff2
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61da7dac4b0f552e25b44adb91ee72ccd269d91a09e4555619bef5c2d9946d60

Request headers

Origin: https://www.bolatimes.com
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 24240
cf-request-id: 05ba00c2cf0000e003a1912200000001
last-modified: Wed, 19 Dec 2018 07:17:03 GMT
server: cloudflare
etag: "5c19f06f-5eb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 5e09d0b14a49e003-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 48ms
41ms Script
application/javascript 2a00:1450:4001:814::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-115461612-1

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43e6facf4dbdce621888f16805361cd2a925f393ae24fde6416acc6584b52a47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37238
x-xss-protection: 0
last-modified: Sun, 11 Oct 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 11 Oct 2020 16:04:08 GMT

GET
H2 200 fontawesome-all-mod.min.css
assets.bolatimes.com/frontend/plugin/font-awesome/css/ 2 KB
679 B 199ms
188ms Stylesheet
text/css 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/frontend/plugin/font-awesome/css/fontawesome-all-mod.min.css
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95990133290b3070e866f0ab7999a8ac5152c0868d2ac82de7cf05333089c37c

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Jul 2019 06:06:13 GMT
server: cloudflare
status: 200
etag: W/"5d3946d5-892"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e09d0b12c472fa5-FRA
cf-request-id: 05ba00c2bb00002fa59d8fa200000001

GET
H2 200 custom.min.css
assets.bolatimes.com/frontend/css/ 23 KB
5 KB 186ms
176ms Stylesheet
text/css 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/frontend/css/custom.min.css?v=4
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68cf74a2bd0bbc7f96425a24aed8c2b193aec8a9d2271e836be63e36cc2b1d1b

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Jun 2020 03:14:57 GMT
server: cloudflare
status: 200
etag: W/"5eeadc31-5a0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e09d0b12c4d2fa5-FRA
cf-request-id: 05ba00c2bb00002fa59d8fb200000001

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 52 KB
17 KB 67ms
60ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

c7670d675d7786610688e0281807701cc104cf2ea904e2f0b40b1cd8dc39fe65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "659 / 488 of 1000 / last-modified: 1602281443"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17598
x-xss-protection: 0
expires: Sun, 11 Oct 2020 16:04:08 GMT

GET
H2 200 i-arkadia.png
assets.bolatimes.com/frontend/images/ 1 KB
1 KB 203ms
196ms Image
image/png 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bolatimes.com/frontend/images/i-arkadia.png
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf5d4b5623422b6407f7dd888a52685f50a47f0af748fcf1cff0ae82d196e7c0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 1026
cf-request-id: 05ba00c38100002fa59d918200000001
last-modified: Tue, 10 Jul 2018 10:02:14 GMT
server: cloudflare
etag: "5b448426-402"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 5e09d0b26f362fa5-FRA

GET
H2 200 i-suara.png
assets.bolatimes.com/frontend/images/ 99 KB
99 KB 216ms
209ms Image
image/png 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bolatimes.com/frontend/images/i-suara.png
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f91e4e75872be104a4ccb8eda2fe4422be8ee38d33c68f511799a1577a739d3d

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 101041
cf-request-id: 05ba00c38100002fa59d919200000001
last-modified: Mon, 16 Mar 2020 10:35:22 GMT
server: cloudflare
etag: "5e6f566a-18ab1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 5e09d0b26f382fa5-FRA

GET
H2 200 i-matamata.png
assets.bolatimes.com/frontend/images/ 1 KB
2 KB 207ms
200ms Image
image/png 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bolatimes.com/frontend/images/i-matamata.png
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84d8857a30f9a02ad7953b490bcfb9ada43e22ef283a06ce5b231469c9532167

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 1381
cf-request-id: 05ba00c38100002fa59d91a200000001
last-modified: Tue, 10 Jul 2018 10:02:14 GMT
server: cloudflare
etag: "5b448426-565"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 5e09d0b26f392fa5-FRA

GET
H2 200 i-hitekno.png
assets.bolatimes.com/frontend/images/ 1 KB
1 KB 200ms
194ms Image
image/png 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bolatimes.com/frontend/images/i-hitekno.png
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cdbab58dbd850901a8d1f4d3007fe515fd4ab8ac4f70edaddd1feb0646f34c0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 1216
cf-request-id: 05ba00c38100002fa59d91b200000001
last-modified: Tue, 10 Jul 2018 10:02:14 GMT
server: cloudflare
etag: "5b448426-4c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 5e09d0b26f3b2fa5-FRA

GET
H2 200 i-dewiku.png
assets.bolatimes.com/frontend/images/ 1 KB
1 KB 192ms
186ms Image
image/png 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bolatimes.com/frontend/images/i-dewiku.png
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69f2e6291ee7ec6c1678dff7f49320b8a6876c6ca9897eb0e97a8479263cf08f

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 1186
cf-request-id: 05ba00c38100002fa59d91c200000001
last-modified: Tue, 10 Jul 2018 10:02:14 GMT
server: cloudflare
etag: "5b448426-4a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 5e09d0b26f3c2fa5-FRA

GET
H2 200 i-mobimoto.png
assets.bolatimes.com/frontend/images/ 2 KB
2 KB 194ms
188ms Image
image/png 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bolatimes.com/frontend/images/i-mobimoto.png
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dad0b46791364798dec358fa60756c40523e86dafd63b203a694866f8370ddf

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 1546
cf-request-id: 05ba00c38200002fa59d91d200000001
last-modified: Tue, 10 Jul 2018 10:02:14 GMT
server: cloudflare
etag: "5b448426-60a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 5e09d0b26f3d2fa5-FRA

GET
H2 200 i-guideku.png
assets.bolatimes.com/frontend/images/ 1 KB
1 KB 195ms
190ms Image
image/png 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bolatimes.com/frontend/images/i-guideku.png?v=1
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55936f2b26e60bbbb552abf81513309df3c92eebb22eea36a699e9d4640d4091

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 1354
cf-request-id: 05ba00c38200002fa59d91e200000001
last-modified: Thu, 19 Jul 2018 10:15:07 GMT
server: cloudflare
etag: "5b5064ab-54a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 5e09d0b26f3e2fa5-FRA

GET
H2 200 i-himedik.png
assets.bolatimes.com/frontend/images/ 1 KB
1 KB 206ms
201ms Image
image/png 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bolatimes.com/frontend/images/i-himedik.png?v=1
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bf571d1d274c77ecd695c8def5ba803353b5d7f670345b2d319863281adb614

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 1256
cf-request-id: 05ba00c38200002fa59d91f200000001
last-modified: Thu, 19 Jul 2018 10:15:06 GMT
server: cloudflare
etag: "5b5064aa-4e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 5e09d0b26f3f2fa5-FRA

GET
H2 200 i-serbada.png
assets.bolatimes.com/frontend/images/ 550 B
783 B 199ms
194ms Image
image/png 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bolatimes.com/frontend/images/i-serbada.png
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eafc16802d643742271fd863dde14b896e0f12d2cb36a0992b18eadba5951df

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 550
cf-request-id: 05ba00c38200002fa59d920200000001
last-modified: Tue, 10 Dec 2019 11:05:54 GMT
server: cloudflare
etag: "5def7c12-226"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 5e09d0b26f412fa5-FRA

GET
H2 200 logo.png
assets.bolatimes.com/frontend/images/ 4 KB
4 KB 189ms
185ms Image
image/png 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bolatimes.com/frontend/images/logo.png
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e364e6d2bdc1902aace5340ff07e189082ab4e63083dda3c9d6e1600d9206e7d

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 3848
cf-request-id: 05ba00c38200002fa59d921200000001
last-modified: Fri, 29 May 2020 03:00:27 GMT
server: cloudflare
etag: "5ed07acb-f08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 5e09d0b26f422fa5-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 90 KB
33 KB 48ms
44ms Script
application/javascript 2a00:1450:4001:814::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFVNJ45

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4920200be4c4757b8138f1c7a3f59226a9a0a012abe65a96b35aae4d7bb28f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33952
x-xss-protection: 0
last-modified: Sun, 11 Oct 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 11 Oct 2020 16:04:08 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 135ms
43ms Script
text/javascript 65.9.96.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.53 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 09 Oct 2020 00:43:22 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 228047
ETag: W/"96c08723796affab377d9bb08d631cd0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: uV5K93kPfSrTXmUR5_oPWMaGGFgS9XHhpAtPl2m93enrUWf0VoKXJg==

GET
H2 200 8dbc0164330bc407dc9ee63a0e86a3b327262800.js Show response
cdn.izooto.com/scripts/ 2 KB
1 KB 52ms
28ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/8dbc0164330bc407dc9ee63a0e86a3b327262800.js

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d62354488979b63e0fd172699c6089af6a2ddb48270bb2387b04780c058ddd28

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 82765
status: 200
last-modified: Sat, 10 Oct 2020 16:43:38 GMT
cf-request-id: 05ba00c392000005f9ed217200000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=691200
cf-ray: 5e09d0b2889205f9-FRA
expires: Mon, 19 Oct 2020 16:04:08 GMT

GET
H2 200 jquery-1.11.2.min.js Show response
assets.bolatimes.com/frontend/js/ 94 KB
32 KB 25ms
17ms Script
application/javascript 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/frontend/js/jquery-1.11.2.min.js
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 436
status: 200
cf-request-id: 05ba00c38100002fa59d917200000001
last-modified: Tue, 10 Jul 2018 10:02:14 GMT
server: cloudflare
etag: W/"5b448426-176bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 5e09d0b26f342fa5-FRA

GET
H2 200 jquery.ellipsis.min.js Show response
assets.bolatimes.com/frontend/js/ 977 B
547 B 217ms
213ms Script
application/javascript 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/frontend/js/jquery.ellipsis.min.js
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c9b646f14973c302bfb1cdd4e51703c30af897556ae369d5eb6ec842ef53f37

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Dec 2018 07:17:03 GMT
server: cloudflare
status: 200
etag: W/"5c19f06f-3d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e09d0b26f432fa5-FRA
cf-request-id: 05ba00c38200002fa59d922200000001

GET
H2 200 jquery.sticky.min.js Show response
assets.bolatimes.com/frontend/js/ 743 B
409 B 205ms
202ms Script
application/javascript 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/frontend/js/jquery.sticky.min.js
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ed4805c41db530b80df9b1e080d3a54f1cb0a945f2e015ad5d27298f02cd875

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Dec 2018 07:17:02 GMT
server: cloudflare
status: 200
etag: W/"5c19f06e-2e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e09d0b26f442fa5-FRA
cf-request-id: 05ba00c38200002fa59d923200000001

GET
H2 200 jquery.sticky-kit.js Show response
assets.bolatimes.com/frontend/js/ 3 KB
1 KB 189ms
186ms Script
application/javascript 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/frontend/js/jquery.sticky-kit.js
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0001b2532614a6f5676c8d0ba12e6ae09c4c91987a9f53234573b77760265685

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 10 Jul 2018 10:02:14 GMT
server: cloudflare
status: 200
etag: W/"5b448426-abc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e09d0b26f452fa5-FRA
cf-request-id: 05ba00c38200002fa59d924200000001

GET
H2 200 lazysizes.min.js Show response
assets.bolatimes.com/frontend/js/ 7 KB
3 KB 196ms
192ms Script
application/javascript 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/frontend/js/lazysizes.min.js
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abc339d2b76c962291530a8a96f2e9f1ad824e862606b29c3fd54b7663ef0f64

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Dec 2018 07:17:03 GMT
server: cloudflare
status: 200
etag: W/"5c19f06f-1a13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e09d0b26f472fa5-FRA
cf-request-id: 05ba00c38200002fa59d925200000001

GET
H2 200 modernizr.custom.js Show response
assets.bolatimes.com/frontend/js/ 10 KB
4 KB 208ms
205ms Script
application/javascript 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/frontend/js/modernizr.custom.js
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef149ab7011dd298dad7c39e84b6d3ddd70c81e493b0a73388609f7cb76652ac

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Jun 2020 03:14:57 GMT
server: cloudflare
status: 200
etag: W/"5eeadc31-26fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e09d0b26f4a2fa5-FRA
cf-request-id: 05ba00c38200002fa59d926200000001

GET
H2 200 custom.min.js Show response
assets.bolatimes.com/frontend/js/ 4 KB
1 KB 196ms
193ms Script
application/javascript 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/frontend/js/custom.min.js?v=4
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ecde2730ad3eb71be321fe771aaaaf84aa7790272ccc34d77325afd9f18c980

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Jun 2020 03:14:57 GMT
server: cloudflare
status: 200
etag: W/"5eeadc31-f7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e09d0b27f532fa5-FRA
cf-request-id: 05ba00c38600002fa59d927200000001

GET
H2 200 fa-brands-400.woff2
assets.bolatimes.com/frontend/plugin/font-awesome/webfonts/ 53 KB
53 KB 195ms
195ms Font
application/octet-stream 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/frontend/plugin/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: assets.bolatimes.com
URL: https://assets.bolatimes.com/frontend/plugin/font-awesome/css/fontawesome-all-mod.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7d4d5340bbe57a01d8f7992142e2763d438d5783890c76748306eebfa056a69

Request headers

Origin: https://www.bolatimes.com
Referer: https://assets.bolatimes.com/frontend/plugin/font-awesome/css/fontawesome-all-mod.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 54488
cf-request-id: 05ba00c3850000e003a1920200000001
last-modified: Tue, 10 Jul 2018 10:02:34 GMT
server: cloudflare
etag: "5b44843a-d4d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 5e09d0b26d0be003-FRA

GET
H2 200 fa-solid-900.woff2
assets.bolatimes.com/frontend/plugin/font-awesome/webfonts/ 39 KB
39 KB 198ms
197ms Font
application/octet-stream 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/frontend/plugin/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: assets.bolatimes.com
URL: https://assets.bolatimes.com/frontend/plugin/font-awesome/css/fontawesome-all-mod.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3

Request headers

Origin: https://www.bolatimes.com
Referer: https://assets.bolatimes.com/frontend/plugin/font-awesome/css/fontawesome-all-mod.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 40148
cf-request-id: 05ba00c3850000e003a1921200000001
last-modified: Tue, 10 Jul 2018 10:02:34 GMT
server: cloudflare
etag: "5b44843a-9cd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 5e09d0b26d0ee003-FRA

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a77e3de0205a463c08b9b70e518d4f7fdfc5bedac3dcf2a58355756accf1795c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 919 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93eb0949ec3c6b0b72bddd728c49d1a44a787522751d3471853659c3758ad57e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bola
m.suara.com/feed/widget/ Frame BBDA 0
0 934ms
819ms Document
text/html 65.9.96.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m.suara.com/feed/widget/bola?mode=vertical&utm_source=widget&utm_medium=bolatimes
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.60 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: m.suara.com
:scheme: https
:path: /feed/widget/bola?mode=vertical&utm_source=widget&utm_medium=bolatimes
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bolatimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bolatimes.com/

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Sun, 11 Oct 2020 16:04:09 GMT
server: nginx
s-device-type: mobile
x-cache: Miss from cloudfront
via: 1.1 f18b0bd4a5b62e5fb49428cc4789689f.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: PMXgOV88qprobCkEjKkzYLLNLGoTI0ep_BuPFGfJlyrj1Cmq0xDGgw==

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 131 KB
34 KB 26ms
26ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/8dbc0164330bc407dc9ee63a0e86a3b327262800.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843411847040fe6e6b2e2d16acd417da0762f627efdb84ace0f4961c90074a65

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 336723
cf-polished: origSize=134182
status: 200
last-modified: Wed, 07 Oct 2020 18:31:33 GMT
cf-request-id: 05ba00c3ef000005f9ed21f200000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=691200
cf-ray: 5e09d0b31a8a05f9-FRA
expires: Mon, 19 Oct 2020 16:04:08 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9dfdb40415dc52c33fc25d654890a4704b6909d3ddf8690d525b93b2b8528dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: s3Pj203yuuBE7u7CprDTUA==
status: 200
cross-origin-resource-policy: cross-origin
expires: Sun, 11 Oct 2020 16:15:21 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
etag: "0307d677acab3c38d36699df214cab2c"
x-fb-debug: oHjcBqu4wPiLUPmqtrb2xaQ//px9M87NDeK1Xj+NdngGDTP7Zhu9JlZpMGAy73+gtx/tP3oL0AlwpSYkujdOtw==
x-fb-trip-id: 664085054
x-fb-content-md5: a737da07c2365b2ded13fc031fc9f869
date: Sun, 11 Oct 2020 16:04:08 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK plugin.min.js Show response
static.dable.io/dist/ 90 KB
29 KB 116ms
47ms Script
application/javascript 104.111.253.46
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.253.46 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-253-46.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9a0584b6aea05805083ab6d9c6e181aa74e5a8130ff1f87f486fcc9a42f8f56a

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 11 Oct 2020 16:04:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Sep 2020 01:29:42 GMT
Server: Apache
x-amz-request-id: B104AEE53030FD3F
ETag: "e5385a113dead8736740964e0c112780"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=45773
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29499
x-amz-id-2: P6MzesxUq4ixxhHh+ypOD90ILmMlhaCJxkLcawV2FPHzB1oYJ/NBU4J5sIrfwT8+/K6YFpkm9ds=

GET
H3-Q050 200 pubads_impl_2020100601.js Show response
securepubads.g.doubleclick.net/gpt/ 271 KB
96 KB 115ms
83ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

d30402b6c051753a27998a64e310201b9ffa7aa6688afb8ce936f349f257180e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Oct 2020 08:39:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97495
x-xss-protection: 0
expires: Sun, 11 Oct 2020 16:04:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115461612-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 2909
date: Sun, 11 Oct 2020 15:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Sun, 11 Oct 2020 17:15:39 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 201 KB
62 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=690ca55e5d78ccfe62ad49bf7560973a&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7fb7037cea6b5019fff853febb62757551d395418d981e08b1e451ab4c8d6daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.bolatimes.com
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: SB0RJHgQCoaqQGU11aLbNw==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 62416
etag: "9b4c6e6f40380b4f6d3753b8a483cb8c"
x-fb-debug: Ezzq9+Kd8XNfebZXsgJOWLaE4d9oKyfPu63KAa7UjWJH2912kAUN7JUZzVSHl8+OvuutB35F553afS2Z4Hk/Fg==
x-fb-trip-id: 664085054
x-fb-content-md5: 98a15eab9d4a11c48b742b02efb7c3a2
x-frame-options: DENY
date: Sun, 11 Oct 2020 16:04:08 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Mon, 11 Oct 2021 15:02:53 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 135ms
43ms Image
image/gif 65.9.96.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=BolaTimes.com%20-%20Situs%20Berita%20Bola%20Terpopuler%20dan%20Jadwal%20Klasemen&time=1602432248867&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.bolatimes.com%2F&random_number=4745696152&sess_cookie=951795c51751867ac228ccc3d0d&sess_cookie_flag=1&user_cookie=951795c51751867ac228ccc3d0d&user_cookie_flag=1&dynamic=true&domain=bolatimes.com&account=AyD3r1DTcA20Ug&jsv=20130128&user_lang=en-US
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.115 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 11 Oct 2020 10:23:10 GMT
Via: 1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 20459
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: PRG50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: LCRv6-0lTrAH3gjulMyEQfC4KwvNzlbZoUmEZsu-FNmvzXeDKAu6RQ==

GET
H2 200 iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame CA1D 0
0 24ms
23ms Document
text/html 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn.izooto.com
:scheme: https
:path: /scripts/sak/iz_setcid.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bolatimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bolatimes.com/

Response headers

status: 200
date: Sun, 11 Oct 2020 16:04:08 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dc14da65c7847af0ceecdca92d4baf1a11602432248; expires=Tue, 10-Nov-20 16:04:08 GMT; path=/; domain=.izooto.com; HttpOnly; SameSite=Lax
last-modified: Tue, 11 Feb 2020 13:01:43 GMT
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 402966
expires: Sat, 12 Dec 2020 16:04:08 GMT
cache-control: public, max-age=5356800
cf-request-id: 05ba00c434000005f9ed22b200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5e09d0b38bf905f9-FRA
content-encoding: br

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 13ms
13ms XHR
text/plain 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=444613544&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bolatimes.com%2F&ul=en-us&de=UTF-8&dt=BolaTimes.com%20-%20Situs%20Berita%20Bola%20Terpopuler%20dan%20Jadwal%20Klasemen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=205942069&gjid=337411846&cid=1216485138.1602432249&tid=UA-115461612-1&_gid=102613071.1602432249&_r=1&gtm=2ou9u1&z=1372381102

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 16:04:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.bolatimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 33ms
32ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-115461612-1&cid=1216485138.1602432249&jid=205942069&gjid=337411846&_gid=102613071.1602432249&_u=IEBAAUAAAAAAAC~&z=1409717912

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 11 Oct 2020 16:04:08 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.bolatimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 730x480-img-22599-aksi-eduardo-camavinga-saat-mencetak-gol-pertamanya-di-timnas-prancis-franck-fife-afp.jpg
media.bolatimes.com/thumbs/2020/10/08/22599-aksi-eduardo-camavinga-saat-mencetak-gol-pertamanya-di-timnas-prancis-franck-fife-afp/ 42 KB
42 KB 223ms
210ms Image
image/jpeg 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2020/10/08/22599-aksi-eduardo-camavinga-saat-mencetak-gol-pertamanya-di-timnas-prancis-franck-fife-afp/730x480-img-22599-aksi-eduardo-camavinga-saat-mencetak-gol-pertamanya-di-timnas-prancis-franck-fife-afp.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68c336d02cbf0f9137200057566380922ca08a42d6b34ea94483e6e5360e3f33

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:09 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Oct 2020 03:57:08 GMT
server: cloudflare
etag: "5f7e8e14-a857"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5e09d0b42bd92fa5-FRA
content-length: 43095
cf-request-id: 05ba00c49a00002fa59d949200000001

GET
H2 200 350x230-img-62590-gelandang-real-madrid-luka-modric-twitteratrealmadrid.jpg
media.bolatimes.com/thumbs/2020/01/09/62590-gelandang-real-madrid-luka-modric-twitteratrealmadrid/ 13 KB
13 KB 29ms
15ms Image
image/jpeg 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2020/01/09/62590-gelandang-real-madrid-luka-modric-twitteratrealmadrid/350x230-img-62590-gelandang-real-madrid-luka-modric-twitteratrealmadrid.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 827946f54ee002bb79c981efafc90d1df4542e00563e3034781f44742a5d88cc

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1384
status: 200
content-length: 13153
cf-request-id: 05ba00c49a00002fa59d947200000001
last-modified: Thu, 09 Jan 2020 00:18:52 GMT
server: cloudflare
etag: "5e16716c-3361"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 5e09d0b42bd62fa5-FRA

GET
H2 200 350x230-img-42756-marc-klok-kini-resmi-menjadi-pemain-persija-jakarta-dok-persija.jpg
media.bolatimes.com/thumbs/2020/02/01/42756-marc-klok-kini-resmi-menjadi-pemain-persija-jakarta-dok-persija/ 8 KB
8 KB 27ms
14ms Image
image/jpeg 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2020/02/01/42756-marc-klok-kini-resmi-menjadi-pemain-persija-jakarta-dok-persija/350x230-img-42756-marc-klok-kini-resmi-menjadi-pemain-persija-jakarta-dok-persija.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a12b307461b6db58b728ccaafa2d323d21e78c8c0fcb3118be2c05e9e8b2b737

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1384
status: 200
content-length: 8560
cf-request-id: 05ba00c49a00002fa59d948200000001
last-modified: Sat, 01 Feb 2020 05:15:14 GMT
server: cloudflare
etag: "5e350962-2170"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 5e09d0b42bd72fa5-FRA

GET
H2 200 350x230-img-43544-potret-natalia-barulich-instagramnatalia.jpg
media.bolatimes.com/thumbs/2020/09/22/43544-potret-natalia-barulich-instagramnatalia/ 20 KB
20 KB 40ms
27ms Image
image/jpeg 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2020/09/22/43544-potret-natalia-barulich-instagramnatalia/350x230-img-43544-potret-natalia-barulich-instagramnatalia.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b88d54be17d8e28a1b8197d98c6ffb32691cad05c2327951d705f81f45dd7241

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:09 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1384
status: 200
content-length: 20272
cf-request-id: 05ba00c49a00002fa59d945200000001
last-modified: Tue, 22 Sep 2020 05:18:56 GMT
server: cloudflare
etag: "5f698940-4f30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 5e09d0b42bd22fa5-FRA

GET
H2 200 350x230-img-40836-saat-liverpool-hajar-chelsea-5-3-paul-ellis-pool-afp.jpg
media.bolatimes.com/thumbs/2020/07/23/40836-saat-liverpool-hajar-chelsea-5-3-paul-ellis-pool-afp/ 17 KB
17 KB 26ms
13ms Image
image/jpeg 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2020/07/23/40836-saat-liverpool-hajar-chelsea-5-3-paul-ellis-pool-afp/350x230-img-40836-saat-liverpool-hajar-chelsea-5-3-paul-ellis-pool-afp.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 779814bb2198c7857a799199eee07461a82f3b3e040a001c5b2920497b7e6bb3

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1384
status: 200
content-length: 17118
cf-request-id: 05ba00c49b00002fa59d94a200000001
last-modified: Thu, 23 Jul 2020 08:08:18 GMT
server: cloudflare
etag: "5f194572-42de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 5e09d0b42bdb2fa5-FRA

GET
H2 200 350x230-img-24191-thiago-alcantara-diperkenalkan-sebagai-pemain-baru-liverpool-di-anfield-laman-resmi-liverpool.jpg
media.bolatimes.com/thumbs/2020/09/30/24191-thiago-alcantara-diperkenalkan-sebagai-pemain-baru-liverpool-di-anfield-laman-resmi-liverpool/ 16 KB
16 KB 27ms
14ms Image
image/jpeg 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2020/09/30/24191-thiago-alcantara-diperkenalkan-sebagai-pemain-baru-liverpool-di-anfield-laman-resmi-liverpool/350x230-img-24191-thiago-alcantara-diperkenalkan-sebagai-pemain-baru-liverpool-di-anfield-laman-resmi-liverpool.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d91fca6243c7b38db6d291dbd28318ad12403c1e121d42e252ed557772fea8a5

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1383
status: 200
content-length: 16176
cf-request-id: 05ba00c49a00002fa59d946200000001
last-modified: Wed, 30 Sep 2020 05:10:10 GMT
server: cloudflare
etag: "5f741332-3f30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 5e09d0b42bd42fa5-FRA

GET
H2 200 350x230-img-19798-pep-guardiola-saat-memimpin-manchester-city-melawan-dinamo-zagreb-dalam-laga-grup-c-liga-champions.jpg
media.bolatimes.com/thumbs/2019/10/02/19798-pep-guardiola-saat-memimpin-manchester-city-melawan-dinamo-zagreb-dalam-laga-grup-c-liga-champions/ 12 KB
12 KB 14ms
12ms Image
image/jpeg 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2019/10/02/19798-pep-guardiola-saat-memimpin-manchester-city-melawan-dinamo-zagreb-dalam-laga-grup-c-liga-champions/350x230-img-19798-pep-guardiola-saat-memimpin-manchester-city-melawan-dinamo-zagreb-dalam-laga-grup-c-liga-champions.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59c0d4c2ce0a952e891cddb263eb88917f5694879fd0ecfe771eceb7eb857734

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:09 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1384
status: 200
content-length: 12303
cf-request-id: 05ba00c4a900002fa59d94d200000001
last-modified: Wed, 02 Oct 2019 10:11:46 GMT
server: cloudflare
etag: "5d9477e2-300f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 5e09d0b44c062fa5-FRA

GET
H2 200 350x230-img-21011-logo-liga-inggris-dok-premier-league.jpg
media.bolatimes.com/thumbs/2020/01/02/21011-logo-liga-inggris-dok-premier-league/ 4 KB
4 KB 17ms
16ms Image
image/jpeg 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2020/01/02/21011-logo-liga-inggris-dok-premier-league/350x230-img-21011-logo-liga-inggris-dok-premier-league.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b21a19395ae490fc231a2cb48e685e11d71862490cdfbc228e9459cce3f7763b

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:09 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1384
status: 200
content-length: 4317
cf-request-id: 05ba00c4aa00002fa59d94e200000001
last-modified: Thu, 02 Jan 2020 03:42:39 GMT
server: cloudflare
etag: "5e0d66af-10dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 5e09d0b44c0b2fa5-FRA
cf-bgj: h2pri

GET
H2 200 350x230-img-98898-cherry-ladapa-fans-berat-chelsea-asal-thailand-instagramcherry-ladapa.jpg
media.bolatimes.com/thumbs/2020/08/04/98898-cherry-ladapa-fans-berat-chelsea-asal-thailand-instagramcherry-ladapa/ 13 KB
13 KB 210ms
209ms Image
image/jpeg 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2020/08/04/98898-cherry-ladapa-fans-berat-chelsea-asal-thailand-instagramcherry-ladapa/350x230-img-98898-cherry-ladapa-fans-berat-chelsea-asal-thailand-instagramcherry-ladapa.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 156900c5eb174663638bb8270090dc4e0ad27cb34d409ca3547ee50eb908e53b

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:09 GMT
cf-cache-status: HIT
last-modified: Tue, 04 Aug 2020 10:14:37 GMT
server: cloudflare
etag: "5f29350d-325b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5e09d0b44c0f2fa5-FRA
content-length: 12891
cf-request-id: 05ba00c4aa00002fa59d94f200000001

GET
H2 200 /
www.facebook.com/tr/ 44 B
264 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=191909918204240&ev=fb_page_view&dl=https%3A%2F%2Fwww.bolatimes.com%2F&rl=&if=false&ts=1602432248974&sw=1600&sh=1200&at=

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 11 Oct 2020 16:04:08 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 109 B
890 B 35ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.bolatimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Oct 2020 16:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
316 B 15ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bolatimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Oct 2020 16:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 219 KB
31 KB 740ms
740ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4248091853453206&correlator=4208757120576253&output=ldjh&impl=fifs&eid=21067446%2C21067633%2C21067945&vrg=2020100601&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201011&iu_parts=148558260%2CBolaTimes%2CDesktop&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250%2C300x250%2C300x250%2C300x100%7C300x50%2C300x100%7C300x50%2C970x90%7C728x90%7C468x60%2C315x299%2C160x600%2C160x600%2C1x1%2C1x1&ists=3&prev_scp=pos%3Dleaderboard%26page%3Dhome%7Cpos%3Dright_1%26page%3Dhome%7Cpos%3Dright_2%26page%3Dhome%7Cpos%3Dright_3%26page%3Dhome%7Cpos%3Dright_4%26page%3Dhome%7Cpos%3Dfullbeltbanner%26page%3Dhome%7Cpos%3Dheadline_1%26page%3Dhome%7Cpos%3Dskin_right%26page%3Dhome%26refresh%3Dtrue%7Cpos%3Dskin_left%26page%3Dhome%26refresh%3Dtrue%7Cpos%3Dotp%26page%3Dhome%7Cpos%3Dballoon%26page%3Dhome&cookie_enabled=1&bc=31&abxe=1&lmt=1602432249&dt=1602432249229&dlt=1602432248492&idt=706&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C985%2C985%2C-9%2C-9%2C315%2C-9%2C1295%2C145%2C0%2C0&adys=90%2C105%2C1042%2C-9%2C-9%2C4832%2C-9%2C90%2C90%2C4908%2C4908&adks=1285832963%2C1138615272%2C1138615273%2C4152665876%2C4152665877%2C4030129027%2C4139163011%2C2643713839%2C1980448287%2C508573221%2C3971485102&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bolatimes.com%2F&dssz=40&icsg=44564480&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x4742%7C300x957%7C300x477%7C0x-1%7C0x-1%7C970x4742%7C0x-1%7C0x-1%7C0x-1%7C1600x48%7C1600x48&msz=728x90%7C300x250%7C300x250%7C0x-1%7C0x-1%7C970x90%7C0x-1%7C160x-1%7C160x-1%7C1x1%7C1x-1&ga_vid=1216485138.1602432249&ga_sid=1602432249&ga_hid=444613544&fws=132%2C132%2C132%2C2%2C2%2C132%2C2%2C644%2C644%2C132%2C516&ohw=1600%2C1600%2C1600%2C0%2C0%2C1600%2C0%2C1600%2C1600%2C1600%2C1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

7a77d2f54abf6b7957899a681cf45906aae0538aa47c0875bba7d6d3e034d604

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31580
x-xss-protection: 0
google-lineitem-id: -1,-1,-2,-2,-2,-2,-2,5430352521,-1,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2,-2,-2,-2,-2,138317815520,-1,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bolatimes.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b1e656fa040ac091d0f51596bc6a5674.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 80ms
65ms Other
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b1e656fa040ac091d0f51596bc6a5674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 27ms
8ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 29ms
29ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-115461612-1&cid=1216485138.1602432249&jid=205942069&_u=IEBAAUAAAAAAAC~&z=2054932596

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 16:04:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 30ms
30ms Image
image/gif 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-115461612-1&cid=1216485138.1602432249&jid=205942069&_u=IEBAAUAAAAAAAC~&z=2054932596

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 16:04:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 350x230-img-46631-presenter-cantik-asal-italia-diletta-leotta-instagramatdilettaleotta.jpg
media.bolatimes.com/thumbs/2019/10/03/46631-presenter-cantik-asal-italia-diletta-leotta-instagramatdilettaleotta/ 19 KB
20 KB 15ms
14ms Image
image/jpeg 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2019/10/03/46631-presenter-cantik-asal-italia-diletta-leotta-instagramatdilettaleotta/350x230-img-46631-presenter-cantik-asal-italia-diletta-leotta-instagramatdilettaleotta.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8a427606da2115c5e0a73f326bd57cc7772719e60be36026c7ebba678f24c14

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:09 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1384
status: 200
cf-int-pingora-origin-digest: {"ext_ip":"162.158.167.37","ext_port":27354,"upstream_rtt":1}
content-length: 19833
cf-request-id: 05ba00c5f600002fa59d974200000001
last-modified: Thu, 03 Oct 2019 08:41:21 GMT
server: cloudflare
etag: "5d95b431-4d79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 5e09d0b6594f2fa5-FRA

GET
H2 200 350x230-img-56561-emma-heesters.jpg
media.bolatimes.com/thumbs/2020/08/03/56561-emma-heesters/ 13 KB
14 KB 176ms
175ms Image
image/jpeg 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2020/08/03/56561-emma-heesters/350x230-img-56561-emma-heesters.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de70a4b84b3d952e7645c22f4fb78442fb482d28fbe51581d4c020304984937e

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:09 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 13768
cf-request-id: 05ba00c5f600002fa59d975200000001
last-modified: Mon, 03 Aug 2020 03:57:48 GMT
server: cloudflare
etag: "5f278b3c-35c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432250"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 5e09d0b659532fa5-FRA
cf-bgj: h2pri

GET
H2 200 350x230-img-57934-matilde-mourinho.jpg
media.bolatimes.com/thumbs/2018/12/19/57934-matilde-mourinho/ 22 KB
22 KB 214ms
214ms Image
image/jpeg 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2018/12/19/57934-matilde-mourinho/350x230-img-57934-matilde-mourinho.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d34a12bbd02ac5e6975639a912db89833b5d5aca5106f97e3b6868ceb417b7

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:09 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 19 Dec 2018 13:06:29 GMT
server: cloudflare
etag: "5c1a4255-5827"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432250"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5e09d0b659542fa5-FRA
content-length: 22567
cf-request-id: 05ba00c5f600002fa59d976200000001

GET
H2 200 350x230-img-32533-striker-crystal-palace-wilfried-zaha.jpg
media.bolatimes.com/thumbs/2020/09/20/32533-striker-crystal-palace-wilfried-zaha/ 16 KB
17 KB 29ms
28ms Image
image/jpeg 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2020/09/20/32533-striker-crystal-palace-wilfried-zaha/350x230-img-32533-striker-crystal-palace-wilfried-zaha.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a39f2e8c820c87d1392666f99f390361ce5ea8928206ec9150a762bd5aa73872

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:09 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1384
status: 200
content-length: 16886
cf-request-id: 05ba00c66e00002fa59d97e200000001
last-modified: Sun, 20 Sep 2020 03:12:28 GMT
server: cloudflare
etag: "5f66c89c-41f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432249"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 5e09d0b71b692fa5-FRA

GET
H2 200 350x230-img-77136-ekspresi-kebahagiaan-para-pemain-chelsea-usai-kurt-zouma-mencetak-gol-ke-gawang-brighton.jpg
media.bolatimes.com/thumbs/2020/09/15/77136-ekspresi-kebahagiaan-para-pemain-chelsea-usai-kurt-zouma-mencetak-gol-ke-gawang-brighton/ 16 KB
16 KB 205ms
203ms Image
image/jpeg 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2020/09/15/77136-ekspresi-kebahagiaan-para-pemain-chelsea-usai-kurt-zouma-mencetak-gol-ke-gawang-brighton/350x230-img-77136-ekspresi-kebahagiaan-para-pemain-chelsea-usai-kurt-zouma-mencetak-gol-ke-gawang-brighton.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61f35cfc5889257325978e444b32239f9e2c3bc2c6c312fc40fecf9e69fe3e1e

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:09 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Sep 2020 03:56:49 GMT
server: cloudflare
etag: "5f603b81-408b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432250"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5e09d0b71b6e2fa5-FRA
content-length: 16523
cf-request-id: 05ba00c66f00002fa59d97f200000001

GET
H2 200 350x230-img-18390-logo-la-liga-spanyol.jpg
media.bolatimes.com/thumbs/2020/09/14/18390-logo-la-liga-spanyol/ 9 KB
9 KB 181ms
180ms Image
image/jpeg 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2020/09/14/18390-logo-la-liga-spanyol/350x230-img-18390-logo-la-liga-spanyol.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2e68f5bce2f4214c12e16fb1e847c2333c8bbd4c017886265c02e2ee27b436a

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:09 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Sep 2020 13:13:19 GMT
server: cloudflare
etag: "5f5f6c6f-2461"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432250"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5e09d0b71b722fa5-FRA
content-length: 9313
cf-request-id: 05ba00c66f00002fa59d980200000001

GET
H2 200 350x230-img-76010-selebrasi-para-pemain-chelsea-usai-mencetak-gol-ke-gawang-burnley-afpian-kington.jpg
media.bolatimes.com/thumbs/2020/01/12/76010-selebrasi-para-pemain-chelsea-usai-mencetak-gol-ke-gawang-burnley-afpian-kington/ 15 KB
15 KB 195ms
194ms Image
image/jpeg 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2020/01/12/76010-selebrasi-para-pemain-chelsea-usai-mencetak-gol-ke-gawang-burnley-afpian-kington/350x230-img-76010-selebrasi-para-pemain-chelsea-usai-mencetak-gol-ke-gawang-burnley-afpian-kington.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2334b908b1acf3fc0f1f5755ad1e6f59a3c0e19e3b3da4c9b62e5c86e121d2fe

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:09 GMT
cf-cache-status: HIT
last-modified: Sat, 11 Jan 2020 17:43:56 GMT
server: cloudflare
etag: "5e1a095c-3b0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432250"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5e09d0b71b752fa5-FRA
content-length: 15118
cf-request-id: 05ba00c66f00002fa59d981200000001

GET
H2 200 350x230-img-27944-ansu-fati.jpg
media.bolatimes.com/thumbs/2019/09/15/27944-ansu-fati/ 8 KB
8 KB 205ms
205ms Image
image/jpeg 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2019/09/15/27944-ansu-fati/350x230-img-27944-ansu-fati.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e4d5cd8117cd163779b1eccf9bc633575ad7a699709c4bedcb855f32b0a823

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:09 GMT
cf-cache-status: HIT
last-modified: Sun, 15 Sep 2019 02:13:05 GMT
server: cloudflare
etag: "5d7d9e31-1fd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432250"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5e09d0b74bdf2fa5-FRA
content-length: 8150
cf-request-id: 05ba00c68c00002fa59d984200000001

GET
H2 200 350x230-img-72891-gelandang-barcelona-ivan-rakitic-lluis-geneafp.jpg
media.bolatimes.com/thumbs/2019/03/01/72891-gelandang-barcelona-ivan-rakitic-lluis-geneafp/ 12 KB
12 KB 208ms
208ms Image
image/jpeg 2606:4700:3034::681b:9168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2019/03/01/72891-gelandang-barcelona-ivan-rakitic-lluis-geneafp/350x230-img-72891-gelandang-barcelona-ivan-rakitic-lluis-geneafp.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:9168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c44ffba2b49760479dc47c65f5a7f4ac8d03e5cabeab967b5b0e90edb3659ca8

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:09 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Mar 2019 06:35:42 GMT
server: cloudflare
etag: "5c78d2be-3108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602432250"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
status: 200
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5e09d0b77c5e2fa5-FRA
content-length: 12552
cf-request-id: 05ba00c6a600002fa59d987200000001

GET
H/1.1 200
OK prefs2 Show response
api.dable.io/plugin/services/bolatimes.com/ 579 B
957 B 1107ms
270ms Script
text/javascript 13.124.83.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/bolatimes.com/prefs2?cached_uid=&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.124.83.177 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-124-83-177.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

632909e44e3225353931c329e88f0acda56fa0e93f051754e580160c390b8301

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 11 Oct 2020 16:04:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"243-K1RTwPXe0cn5ULKl5lDN1ZFJbkQ"
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 343

GET
H3-Q050 200 container.html
b1e656fa040ac091d0f51596bc6a5674.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 50F7 0
0 29ms
14ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b1e656fa040ac091d0f51596bc6a5674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b1e656fa040ac091d0f51596bc6a5674.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bolatimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bolatimes.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sun, 11 Oct 2020 16:04:09 GMT
expires: Mon, 11 Oct 2021 16:04:09 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html
b1e656fa040ac091d0f51596bc6a5674.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 9708 0
0 22ms
14ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b1e656fa040ac091d0f51596bc6a5674.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b1e656fa040ac091d0f51596bc6a5674.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bolatimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bolatimes.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sun, 11 Oct 2020 16:04:09 GMT
expires: Mon, 11 Oct 2021 16:04:09 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4B8D 0
0 61ms
61ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4OMJx8UZCVTSCQ35x5CO8x3vSexOwoktJtz0OL0b9NKpb6OYcr1ESRThL4XDIJo-fcXoHZFp10SIjgRWZArYqAjlEEsnfQz20CU63QRzKFlCJD3y5o80-uviLs-3OcS_nqeb3CqeqssiTTf8qh1jXxbeE-AJ4T7cpiqvoOYXWlQi5npMlxugBh66BnXeXT9LYeylt8ZSzenQWdUe1BpQ8mWItQhB8yuipLcVhbQQqafHeztk3SFOknxyXPgn_aN3PJyxFrX9cIC_v2g&sai=AMfl-YS60zcMpXblYzg2yRUhp7E3lDUbs4kOaW9nQHOyK-Xaz7qbF-12YBdKXQHdWpjvAQ14snButhxD-IOZW6pcTt9ZFllx4u4qVyZ6Lhz-gkGsFC-giapK4dafnIwuvjWJ&sig=Cg0ArKJSzMVXKLppghkmEAE&adurl=

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Oct 2020 16:04:10 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Oct 2020 16:04:10 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201007/r20110914/ Frame 4B8D 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201007/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74e9cbeb042045915010187a06f377ca740931d95417cf98dfdcda75edc1fdfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 12:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 13331796968155814488
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Oct 2020 12:22:28 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201007/r20110914/client/ Frame 4B8D 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201007/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 11:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Oct 2020 11:08:22 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B8D 75 KB
28 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51e59f9bd317707e26eec6717a19d7bad4f338f7219a5a44f15524941ea5f8e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602243746703548"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28907
x-xss-protection: 0
expires: Sun, 11 Oct 2020 16:04:10 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 4B8D 0
0 15ms
13ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTndpJz6SOu5h9KUJGltkQzPe7mXmM8XFuQKIqrnqkKngQ3x_shIBs2T7uIjCnXyImUj2gb
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 16893901257989554928
tpc.googlesyndication.com/simgad/ Frame 4B8D 100 KB
100 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16893901257989554928

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6714465fde9c5de0490481ac67e5d7e3b44bff87e92322e2697d739f32df708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:14:07 GMT
x-content-type-options: nosniff
age: 424203
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102172
x-xss-protection: 0
last-modified: Wed, 08 May 2019 06:13:10 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Oct 2021 18:14:07 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012009282107000/ Frame C450 206 KB
57 KB 29ms
5ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33901d23b88c104fc2e9d2d029542d2c89eb30dff24f698f339a175d3a4267fa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26267
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57253
x-xss-protection: 0
server: sffe
date: Sun, 11 Oct 2020 08:46:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0138da5df6f877a3"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Oct 2021 08:46:23 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame C450 16 KB
6 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00e1ffbde89afc301abf43ed68bc52d7d7bae9f81d0bd93638394f4e287b12f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26269
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5763
x-xss-protection: 0
server: sffe
date: Sun, 11 Oct 2020 08:46:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0dd94cdacc228659"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Oct 2021 08:46:21 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame C450 96 KB
29 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

239733db63c823ff0f27720321732ff16ae6591fd0a41b6793ee665e9226b42f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26269
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29503
x-xss-protection: 0
server: sffe
date: Sun, 11 Oct 2020 08:46:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "59cc65a87e598f8b"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Oct 2021 08:46:21 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame C450 4 KB
2 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82f60467c442f1292050ac1673c3074047283bfd9ff9be7480a65fddf6a24969

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26269
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
server: sffe
date: Sun, 11 Oct 2020 08:46:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d5686bc7b82e539c"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Oct 2021 08:46:21 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame C450 47 KB
14 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f34e56bbdec33105361cc35f3805704b6d3df415b0bf044ef2a6f11764bd8a20

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 26237
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14600
x-xss-protection: 0
server: sffe
date: Sun, 11 Oct 2020 08:46:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a6f012caf7a1c6f"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Oct 2021 08:46:53 GMT

GET
DATA 200
OK truncated
/ Frame C450 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13e4ba7712bbc00f37bb842f650c23042917130ac2aa06a5d8387466c07ac4e0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 10393772442758116896
tpc.googlesyndication.com/simgad/ Frame C450 52 KB
52 KB 8ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10393772442758116896?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql24R_UNcUtYhl7fP81VtnubGuG8Q

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c3fc949898b177f0bcb24b084fcb70375a97f9928b1e3da6ddb5e8b1388611e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 09:36:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Sep 2020 11:16:12 GMT
server: sffe
age: 109672
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53560
x-xss-protection: 0
expires: Sun, 10 Oct 2021 09:36:18 GMT

GET
H3-Q050 200 id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C450 3 KB
3 KB 12ms
11ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id.png

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Oct 2020 23:33:32 GMT
x-content-type-options: nosniff
server: cafe
age: 59438
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3020
x-xss-protection: 0
expires: Sun, 11 Oct 2020 23:33:32 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C450 344 B
455 B 8ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Oct 2020 11:09:07 GMT
x-content-type-options: nosniff
server: cafe
age: 17703
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 12 Oct 2020 11:09:07 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame C450 0
0 16ms
15ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-7mOplGaPPrHy9zxLSZmKBEFNp2mWFv5Lvgamh80gjaTyx9Yxuzj_9Dxc1kzfWW9-xmRw
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C450 0
0 63ms
62ms Image
text/html 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cdxyp-SyDX7TMFcvMgAfjqbrgDO_7hstfxYumkLgMoty_oNQBEAEglKSmMmD1lc6B4ASgAfGD_ZUDyAEC4AIAqAMByAMIqgTPAU_Qv1mW-3jg5XjWNLj4r3-cE9wvTWpoff_W6upNSPatuOZLv1doHGSUAt6zNyPM0xKmMgKq6oAJ8vM1QsWeAfTYBXhGcV1aPFM3d_DPA4XwuWXqOaqpfCzAhSjXjkGSZ9Hklz1d-hzmimE49mK-3pUq8vQoHMM1V--sesDSq0y-aGZ2BfmnzFtxAdo8MuoNuxeVY1yAOInEil1LRYmW_t-aBmchWdJaha1xnuHHIUOrYj5Ae11R3Lu-pFpwCyYIntuhq76FgHrRK5gEm6wYAMAEp66R5qED4AQBkgUECAQYAZIFBAgFGASgBgKAB5_-348BqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEOihDdIICQiA4YBAEAEYH4AKA8gLAbIMFHB1Yi0xNTE0NTIwMTMzMTQ3MTIz2BMN&sigh=bwganm98ltM&tpd=AGWhJmv6vmxj-8pFUzxloEA9e-rmsIzCXS5jUOzh-D7urWH8iA
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s22-in-f162.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccdeedcf8cca02b7e1b7f00ce971eec441bab4d56867e97a74ea8f1a09f9fb8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602243746703548"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27594
x-xss-protection: 0
expires: Sun, 11 Oct 2020 16:04:10 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4B8D 0
21 B 60ms
60ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvd_TP-hCAxrFIQrLAyfhypDwXyLSNCaFa4geAMGKi0_OdH1e6n1zVYn3yQP9Byt7zXqMiHWNBYbehJhlYOcO9GHhDmhcqPjdstmEwEnAqas1YoD0t6ouhxEeVnEmVJ7rDgI-IX8WK7mIekIgvuMbFc7QjctpdhliSP_6FNqaCoJwN4XxnM2T5-vv1_SuabFX_GsfN7UnpMpmh3HJrWlKAg3pH1TXFtGaLZaQ4zrvObsrQBCVJtbUfQ36jpAD3JKazc8uDOutAC8CPKMT9&sai=AMfl-YRVWECkYRiahcLqzQSuhZV84GjvCVttI1WyqPt4AUub3JN9xpzKuCPfSRqtqgttWU_rDrzCrS1j2rLEbOVgvAV44luJSZ85nX-MziUUKX8KIidxm3TfBubE-_ShxZCY&sig=Cg0ArKJSzAm0aN9K9A3LEAE&adurl=

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Oct 2020 16:04:10 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4B8D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dc11eabd8eaece7d0c33caeac757f16671445e77f97c8c494610b77986e034c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C450
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sun, 11 Oct 2020 16:04:10 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 10393772442758116896
tpc.googlesyndication.com/simgad/ Frame C450 52 KB
52 KB 6ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10393772442758116896?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql24R_UNcUtYhl7fP81VtnubGuG8Q

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c3fc949898b177f0bcb24b084fcb70375a97f9928b1e3da6ddb5e8b1388611e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 09:36:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Sep 2020 11:16:12 GMT
server: sffe
age: 109672
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53560
x-xss-protection: 0
expires: Sun, 10 Oct 2021 09:36:18 GMT

GET
H3-Q050 200 id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C450 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Oct 2020 23:33:32 GMT
x-content-type-options: nosniff
server: cafe
age: 59438
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3020
x-xss-protection: 0
expires: Sun, 11 Oct 2020 23:33:32 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C450 344 B
438 B 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Oct 2020 11:09:07 GMT
x-content-type-options: nosniff
server: cafe
age: 17703
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 12 Oct 2020 11:09:07 GMT

GET
H/1.1 200
OK visit Show response
api.dable.io/logs/services/bolatimes.com/users/10736374.1602432250569/ 54 B
285 B 273ms
273ms Script
text/javascript 13.124.83.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/logs/services/bolatimes.com/users/10736374.1602432250569/visit?url=https%3A%2F%2Fwww.bolatimes.com%2F&ref=&lang=en-US&cid=10736374.1602432250569&z=931119&callback=dbljson2

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.124.83.177 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-124-83-177.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 11 Oct 2020 16:04:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
Content-Length: 67
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK sendid
ace-sync.toast.com/ 43 B
650 B 1214ms
299ms Image
image/gif 43.227.116.104
NHN-AS-KR NHN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ace-sync.toast.com/sendid?sid=dable&uid=10736374.1602432250569
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.227.116.104 , Korea, Republic Of, ASN45974 (NHN-AS-KR NHN, KR),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Oct 2020 16:04:11 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: image/gif
Access-Control-Allow-Headers: Content-Type,Accept
Content-Length: 43
Expires: Tue, 01 Jan 1980 09:00:00 GMT

GET
H/1.1 200
OK match
analytics.ad.daum.net/ 0
571 B 1738ms
291ms Image
image/avif 211.231.100.211
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.ad.daum.net/match?d=111&uid=10736374.1602432250569
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 211.231.100.211 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),
Reverse DNS
Software: analytics /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Oct 2020 16:04:12 GMT
Server: analytics
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Type: image/avif;charset=UTF-8
Content-Length: 0
X-Application-Context: analytics
Expires: 0

GET
H2

200

google
adx.dable.io/pixel/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
https://adx.dable.io/pixel/google?google_gid=CAESEDk2-SvyqYkTDSAJKv7t4Hc&google_cver=1

35 B
194 B

816ms
268ms

Image
image/gif

13.124.190.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel/google?google_gid=CAESEDk2-SvyqYkTDSAJKv7t4Hc&google_cver=1
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.124.190.254 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-124-190-254.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 11 Oct 2020 16:04:11 GMT
server: nginx
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 11 Oct 2020 16:04:10 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adx.dable.io/pixel/google?google_gid=CAESEDk2-SvyqYkTDSAJKv7t4Hc&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
48 B 13ms
13ms XHR
text/plain 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=444613544&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bolatimes.com%2F&ul=en-us&de=UTF-8&dt=BolaTimes.com%20-%20Situs%20Berita%20Bola%20Terpopuler%20dan%20Jadwal%20Klasemen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABAAAAAC~&jid=898607163&gjid=1075659253&cid=1216485138.1602432249&tid=UA-166274536-20&_gid=102613071.1602432249&_r=1&_slc=1&cd1=8348&z=177627584

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 16:04:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.bolatimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C450 42 B
65 B 19ms
18ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslsZXoNNS1pjXsENxNNFq7FZIWxAFL9T4cVAP6XHs4kANNy7Tq7r4Mj_lFScTQWxlIcNYJmcgGBvIg87YnLTNx-wijasjaIo3U_Bsh6laqLDJb-_sfkC6tFMXFxQ&sai=AMfl-YT_xVsUAlTA583IWr5dGvOB0Dupznr5J2XJo1YtW436k8JcADbYDGaiLGg7TC7iZnN2gOnBV3uy8DKpEvaX8SOYyUXs1NA1_v0XmPEJ5FAxIuTaoUEn1PIgomWQzC0q&sig=Cg0ArKJSzLqq3UL_dKnvEAE&cid=CAASPeRoFtjhghaOn9TZZekY9nd_kDqUXL5OycJH_lZUJdbYKAwuzYOUucQ6OSn7N9MsrMN1tXx9yKE70KHf01M&id=ampim&o=145,90&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=229&tls=1229&g=100&h=100&tt=1229&r=v&avms=ampa&adk=1980448287

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 16:04:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4B8D 42 B
65 B 15ms
15ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssq3jetX5ncFAB8UpJmKYYW_AkGvOQBuENUzdQshgkAUM6MJCk_TBmNUzISTlccjJ2WLZORg8ZjGeUuKNCwRI1r9bHWM_9XtXtgPHERCDk&sig=Cg0ArKJSzJnAHPOKaX93EAE&adk=2643713839&tt=-1&bs=1600%2C1200&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&p=90,1295,690,1455&postrxl=1&mcvt=1012&rs=0&ht=0&tfs=192&tls=1204&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=7&niot_cbk=97&md=2&btr=0&cpmav=0&lm=2&rst=1602432250051&dlt&rpt=307&isd=0&msd=0&xdi=0&bmi=1&ps=1600%2C5184&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-6-11-11-0-0-0&tvt=1199&is=160%2C600&iframe_loc=https%3A%2F%2Fwww.bolatimes.com%2F&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=160x600&itpl=3&v=20201009

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 16:04:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 41ms
27ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020100601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3715f248d0e6a7f416b9ba425955e301b6c7ea948279eaf3aa726098deaf229b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Oct 2020 16:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6524
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 16:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Sun, 11 Oct 2020 16:04:12 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 5F6D 0
0 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bolatimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bolatimes.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Sun, 11 Oct 2020 15:46:16 GMT
expires: Mon, 11 Oct 2021 15:46:16 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1076
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
45 B 16ms
15ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gpt_2020100601&jk=4248091853453206&bg=!o6CloIDNAAWqWepuqlgJWhtTMBecgwIAAABnUgAAABUKAQuvzx9_ibJGl6suQ95wmx-holdcgxyyS9hlMxl26nXLowSu1m3x4F_jQ8Js0eFlbLfDxVXWeiqtDpuaMWYmnAw40S_2bqK4_n5DEU1Kpl5cBXTZ7zlv5Sl1_lMn9gKMb28kWKkFTgGGgWl4DroEd-w8805Utk0IVrCuN8nxYRtwZ8B0G9tTiVzomIx_WGxdwE3OnW9y6TIzklpBvOCyeHhKFM_Ox6MU9aNGu4VBd8YFjpFS-odTImNTnRtUdIDRts7cTXgXB7E2BDtqAABfRswkvQNzUnR4KrKKc1NEVpHGH0Q9nvX4C4V917tYooPB21RHkMpSVWV4qFsXl3b7RMa_DcCl9v4Hh5ABZ46ZAar9nnn2ksoZd5hHBrR7amOPOsPVlYnPPhlvVlB2kgHvaR9VYOzy7-fhN_JgS1x0M-jAwCaG-pMu5Qse8Gtj7je51VKSwQMqpMeLTR_HWnwjzqZpXM4oivPRFnNV7HxARbHQeK0ZZyvoqFeRKZ1Xevw9OveIyJunybPE4XYksjEf8WLPyOlQROjqj23Drv4ldGvZwkuDngCxZWSyIws-XpKofQltbEeE15KepZX_DlcdwwZzVQCgQJVXgAaDsvQpKJkMvgu7suHTDo0O9bORnZmVlrSQJxOxYdcM9npGuP9gwrMAANqCTPpi332R3b06ODCC6k7tANlvdLq3gHV-WFMiQ-4hnDY8GaSVxvM339zu3sMJUCC-CypkrS4jYJauMDK5jm_PKvW9Ux0hk8DAlMj_DbzTeRZzcLBIcu4UjzLebk-sCatmCvHk5HpHv72dIeAWWDAnwFZSYYXKwJgX5xb2ZYejDmHjPEtivicOZjqVW1Gv6F6oaKpan-noxj1okje3TzK15rGZPL3LDOyL4x2Q8GBCBxqmq4gPzHsBrUnCQ_thTZkgovnrDbM

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 16:04:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bolatimes.com/	1970-01-19 13:07:12	Name: _gat_gtag_UA_115461612_1 Value: 1
.bolatimes.com/	1970-01-19 13:08:38	Name: _gid Value: GA1.2.102613071.1602432249
.www.bolatimes.com/	1970-01-20 06:38:24	Name: dable_uid Value: 10736374.1602432250569
.bolatimes.com/	1970-01-19 13:07:14	Name: __asc Value: 951795c51751867ac228ccc3d0d
.bolatimes.com/	1970-01-19 13:07:12	Name: _gat_dable Value: 1
.bolatimes.com/	1970-01-19 22:28:48	Name: __gads Value: ID=f48364bc4053484a-2280f875f7b80069:T=1602432249:S=ALNI_MYiMBKQG7GwPXRZj5JtQ4uyizPorw
.bolatimes.com/	1970-01-20 06:38:24	Name: _ga Value: GA1.2.1216485138.1602432249
.bolatimes.com/	1970-01-19 21:54:14	Name: __auc Value: 951795c51751867ac228ccc3d0d
.bolatimes.com/	1970-01-19 13:50:24	Name: __cfduid Value: d8ea74834ff63d1e56b97ea1b7e8c2a9b1602432248

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://static.dable.io/dist/plugin.min.js(Line 2) Message: Dable DEBUG: renderWidgetByWidth found no DOM from given target : dablewidget_370RJNXx_wXQMGMXA
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js(Line 6) Message: TypeError: Cannot read property 'getAttribute' of null
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js(Line 6) Message: TypeError: Cannot read property 'getAttribute' of null
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100601.js(Line 6) Message: TypeError: Cannot read property 'getAttribute' of null
console-api	info	URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2009282107000 https://www.bolatimes.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ace-sync.toast.com
adservice.google.ch
adservice.google.com
adx.dable.io
analytics.ad.daum.net
api.dable.io
assets.bolatimes.com
b1e656fa040ac091d0f51596bc6a5674.safeframe.googlesyndication.com
bolatimes.com
cdn.ampproject.org
cdn.izooto.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
connect.facebook.net
googleads.g.doubleclick.net
m.suara.com
media.bolatimes.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.dable.io
stats.g.doubleclick.net
tpc.googlesyndication.com
www.bolatimes.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
104.111.253.46
13.124.190.254
13.124.83.177
172.217.23.162
211.231.100.211
216.58.205.226
2606:4700:3034::681b:9168
2606:4700::6812:d841
2a00:1450:4001:802::2002
2a00:1450:4001:803::2004
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:814::2001
2a00:1450:4001:814::2008
2a00:1450:4001:817::2001
2a00:1450:4001:819::200e
2a00:1450:4001:81b::2003
2a00:1450:400c:c00::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
43.227.116.104
65.9.96.115
65.9.96.53
65.9.96.60
0001b2532614a6f5676c8d0ba12e6ae09c4c91987a9f53234573b77760265685
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13e4ba7712bbc00f37bb842f650c23042917130ac2aa06a5d8387466c07ac4e0
156900c5eb174663638bb8270090dc4e0ad27cb34d409ca3547ee50eb908e53b
1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b
2334b908b1acf3fc0f1f5755ad1e6f59a3c0e19e3b3da4c9b62e5c86e121d2fe
239733db63c823ff0f27720321732ff16ae6591fd0a41b6793ee665e9226b42f
2eafc16802d643742271fd863dde14b896e0f12d2cb36a0992b18eadba5951df
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
33901d23b88c104fc2e9d2d029542d2c89eb30dff24f698f339a175d3a4267fa
3715f248d0e6a7f416b9ba425955e301b6c7ea948279eaf3aa726098deaf229b
3ecde2730ad3eb71be321fe771aaaaf84aa7790272ccc34d77325afd9f18c980
3f816cb8ff889233ee6ee121d66a7ee7ec2b966c4a47a89db38e75135b7c5de5
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
43e6facf4dbdce621888f16805361cd2a925f393ae24fde6416acc6584b52a47
46e4d5cd8117cd163779b1eccf9bc633575ad7a699709c4bedcb855f32b0a823
4920200be4c4757b8138f1c7a3f59226a9a0a012abe65a96b35aae4d7bb28f01
4dad0b46791364798dec358fa60756c40523e86dafd63b203a694866f8370ddf
4db6ab3004e72b26d8809429dc25e14e5cee63d6e8043b6ad4ad0f33986a8f6c
51e59f9bd317707e26eec6717a19d7bad4f338f7219a5a44f15524941ea5f8e7
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55936f2b26e60bbbb552abf81513309df3c92eebb22eea36a699e9d4640d4091
59c0d4c2ce0a952e891cddb263eb88917f5694879fd0ecfe771eceb7eb857734
5c9b646f14973c302bfb1cdd4e51703c30af897556ae369d5eb6ec842ef53f37
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
61da7dac4b0f552e25b44adb91ee72ccd269d91a09e4555619bef5c2d9946d60
61f35cfc5889257325978e444b32239f9e2c3bc2c6c312fc40fecf9e69fe3e1e
632909e44e3225353931c329e88f0acda56fa0e93f051754e580160c390b8301
68c336d02cbf0f9137200057566380922ca08a42d6b34ea94483e6e5360e3f33
68cf74a2bd0bbc7f96425a24aed8c2b193aec8a9d2271e836be63e36cc2b1d1b
69f2e6291ee7ec6c1678dff7f49320b8a6876c6ca9897eb0e97a8479263cf08f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bf571d1d274c77ecd695c8def5ba803353b5d7f670345b2d319863281adb614
6dc11eabd8eaece7d0c33caeac757f16671445e77f97c8c494610b77986e034c
74e9cbeb042045915010187a06f377ca740931d95417cf98dfdcda75edc1fdfb
779814bb2198c7857a799199eee07461a82f3b3e040a001c5b2920497b7e6bb3
7a77d2f54abf6b7957899a681cf45906aae0538aa47c0875bba7d6d3e034d604
7cdbab58dbd850901a8d1f4d3007fe515fd4ab8ac4f70edaddd1feb0646f34c0
7fb7037cea6b5019fff853febb62757551d395418d981e08b1e451ab4c8d6daf
827946f54ee002bb79c981efafc90d1df4542e00563e3034781f44742a5d88cc
82f60467c442f1292050ac1673c3074047283bfd9ff9be7480a65fddf6a24969
843411847040fe6e6b2e2d16acd417da0762f627efdb84ace0f4961c90074a65
84d8857a30f9a02ad7953b490bcfb9ada43e22ef283a06ce5b231469c9532167
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655
88f15027c3aadf50ab39cea089b1f8aa3a18da7c47b30569c1f7489470c05292
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ed4805c41db530b80df9b1e080d3a54f1cb0a945f2e015ad5d27298f02cd875
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
93eb0949ec3c6b0b72bddd728c49d1a44a787522751d3471853659c3758ad57e
95990133290b3070e866f0ab7999a8ac5152c0868d2ac82de7cf05333089c37c
96d34a12bbd02ac5e6975639a912db89833b5d5aca5106f97e3b6868ceb417b7
9a0584b6aea05805083ab6d9c6e181aa74e5a8130ff1f87f486fcc9a42f8f56a
9c3fc949898b177f0bcb24b084fcb70375a97f9928b1e3da6ddb5e8b1388611e
9dfdb40415dc52c33fc25d654890a4704b6909d3ddf8690d525b93b2b8528dbb
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a12b307461b6db58b728ccaafa2d323d21e78c8c0fcb3118be2c05e9e8b2b737
a39f2e8c820c87d1392666f99f390361ce5ea8928206ec9150a762bd5aa73872
a6714465fde9c5de0490481ac67e5d7e3b44bff87e92322e2697d739f32df708
a77e3de0205a463c08b9b70e518d4f7fdfc5bedac3dcf2a58355756accf1795c
abc339d2b76c962291530a8a96f2e9f1ad824e862606b29c3fd54b7663ef0f64
b21a19395ae490fc231a2cb48e685e11d71862490cdfbc228e9459cce3f7763b
b88d54be17d8e28a1b8197d98c6ffb32691cad05c2327951d705f81f45dd7241
bf5d4b5623422b6407f7dd888a52685f50a47f0af748fcf1cff0ae82d196e7c0
c44ffba2b49760479dc47c65f5a7f4ac8d03e5cabeab967b5b0e90edb3659ca8
c7670d675d7786610688e0281807701cc104cf2ea904e2f0b40b1cd8dc39fe65
ccdeedcf8cca02b7e1b7f00ce971eec441bab4d56867e97a74ea8f1a09f9fb8d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00e1ffbde89afc301abf43ed68bc52d7d7bae9f81d0bd93638394f4e287b12f
d2e68f5bce2f4214c12e16fb1e847c2333c8bbd4c017886265c02e2ee27b436a
d30402b6c051753a27998a64e310201b9ffa7aa6688afb8ce936f349f257180e
d62354488979b63e0fd172699c6089af6a2ddb48270bb2387b04780c058ddd28
d8a427606da2115c5e0a73f326bd57cc7772719e60be36026c7ebba678f24c14
d91fca6243c7b38db6d291dbd28318ad12403c1e121d42e252ed557772fea8a5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de70a4b84b3d952e7645c22f4fb78442fb482d28fbe51581d4c020304984937e
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e364e6d2bdc1902aace5340ff07e189082ab4e63083dda3c9d6e1600d9206e7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d4d5340bbe57a01d8f7992142e2763d438d5783890c76748306eebfa056a69
ead13ccfbdea5462c3af37aa6ae04e64ed65a31c33f76e46da5e86ec85c52064
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ef149ab7011dd298dad7c39e84b6d3ddd70c81e493b0a73388609f7cb76652ac
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa224f0529027fd03eecdf96a20811ac7d22648c2bc53b26302e231cc82b262
f34e56bbdec33105361cc35f3805704b6d3df415b0bf044ef2a6f11764bd8a20
f91e4e75872be104a4ccb8eda2fe4422be8ee38d33c68f511799a1577a739d3d

www.bolatimes.com Open in urlscan Pro 2606:4700:3034::681b:9168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

100 %HTTPS

58 %IPv6

18 Domains

30 Subdomains

24 IPs

6 Countries

1447 kBTransfer

2907 kBSize

9 Cookies

12 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bolatimes.com Open in urlscan Pro
2606:4700:3034::681b:9168 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

100 %
HTTPS

58 %
IPv6

18
Domains

30
Subdomains

24
IPs

6
Countries

1447 kB
Transfer

2907 kB
Size

9
Cookies

106 HTTP transactions
4 data transactions