www.bolatimes.com Open in urlscan Pro
2606:4700:20::ac43:45e2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bolatimes.com/
Effective URL:
https://www.bolatimes.com/
Submission: On January 17 via api (January 17th 2024, 9:28:09 am UTC) from LU — Scanned from DE

Summary HTTP 114 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 23 domains to perform 114 HTTP transactions. The main IP is 2606:4700:20::ac43:45e2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bolatimes.com.
TLS certificate: Issued by GTS CA 1P5 on November 27th 2023. Valid for: 3 months.

This is the only time www.bolatimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:82c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:20:... 2606:4700:20::ac43:45e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4696	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
7	2606:4700:1::... 2606:4700:1::6813:854c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3037::6815:2eaa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:92c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
14	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
4	2607:fc48:bc4... 2607:fc48:bc4b::bc:238	40009 (BITGRAVITY) (BITGRAVITY)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:297f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.19.105.180 2.19.105.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.117.1.141 34.117.1.141	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
114	34

1 2606:4700:20::681a:82c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bolatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::ac43:45e2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bolatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.bolatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.bolatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4696 (United States)

ASN13335 (CLOUDFLARENET, US)

ua.realtimely.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.realtimely.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:1::6813:854c (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::6815:2eaa (United States)

ASN13335 (CLOUDFLARENET, US)

js.content-rec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.content-rec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:92c (United States)

ASN13335 (CLOUDFLARENET, US)

assets.bolatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:fc48:bc4b::bc:238 (United States)

ASN40009 (BITGRAVITY, US)

cdn4-hbs.affinitymatrix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:297f (United States)

ASN13335 (CLOUDFLARENET, US)

cl.imghosts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.105.180 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-105-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.1.141 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 141.1.117.34.bc.googleusercontent.com

hbs.ph.affinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com 3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	257 KB
18	bolatimes.com 1 redirects www.bolatimes.com assets.bolatimes.com media.bolatimes.com	334 KB
11	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 ad.doubleclick.net — Cisco Umbrella Rank: 163	251 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	67 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 747 t.clarity.ms — Cisco Umbrella Rank: 6984 c.clarity.ms — Cisco Umbrella Rank: 1351	29 KB
7	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8715 c.mgid.com — Cisco Umbrella Rank: 6378 servicer.mgid.com — Cisco Umbrella Rank: 8793 s-img.mgid.com — Cisco Umbrella Rank: 8695 cm.mgid.com — Cisco Umbrella Rank: 1347	103 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 410	104 KB
4	affinitymatrix.com cdn4-hbs.affinitymatrix.com — Cisco Umbrella Rank: 42109	159 KB
4	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
3	content-rec.com js.content-rec.com — Cisco Umbrella Rank: 146949 c.content-rec.com — Cisco Umbrella Rank: 957643	8 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	256 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 857 id5-sync.com — Cisco Umbrella Rank: 425	29 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	130 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	realtimely.io ua.realtimely.io — Cisco Umbrella Rank: 53788 api.realtimely.io — Cisco Umbrella Rank: 49633	3 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914	277 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	2 KB
1	affinity.com hbs.ph.affinity.com — Cisco Umbrella Rank: 48067	359 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 535	63 KB
1	imghosts.com cl.imghosts.com — Cisco Umbrella Rank: 11830	1 MB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 247	762 B
1	google.pt www.google.pt — Cisco Umbrella Rank: 13270	408 B
114	23

	Domain	Requested by
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.bolatimes.com 3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com tpc.googlesyndication.com
9	media.bolatimes.com	www.bolatimes.com
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com tpc.googlesyndication.com
7	securepubads.g.doubleclick.net	www.bolatimes.com securepubads.g.doubleclick.net www.googletagservices.com
7	assets.bolatimes.com	www.bolatimes.com assets.bolatimes.com
6	fonts.gstatic.com	fonts.googleapis.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	cdn4-hbs.affinitymatrix.com	www.bolatimes.com cdn4-hbs.affinitymatrix.com
4	fonts.googleapis.com	www.bolatimes.com 3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com client
3	www.gstatic.com	3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com
3	t.clarity.ms	www.clarity.ms
3	www.clarity.ms	www.bolatimes.com www.clarity.ms
3	www.googletagmanager.com	www.bolatimes.com www.googletagmanager.com
2	c.content-rec.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	googleads.g.doubleclick.net	www.bolatimes.com 3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com
2	www.googletagservices.com	securepubads.g.doubleclick.net www.bolatimes.com
2	c.mgid.com
2	c.clarity.ms	1 redirects
2	connect.facebook.net	www.bolatimes.com connect.facebook.net
2	jsc.mgid.com	www.bolatimes.com jsc.mgid.com
2	3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	region1.analytics.google.com	www.googletagmanager.com
2	www.bolatimes.com	1 redirects
1	id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	cdn.jsdelivr.net	cdn4-hbs.affinitymatrix.com
1	hbs.ph.affinity.com	cdn4-hbs.affinitymatrix.com
1	ads.pubmatic.com	jsc.mgid.com
1	cdn.id5-sync.com	jsc.mgid.com
1	cm.mgid.com	jsc.mgid.com
1	ad.doubleclick.net
1	cl.imghosts.com
1	s-img.mgid.com
1	servicer.mgid.com	jsc.mgid.com
1	c.bing.com	1 redirects
1	api.realtimely.io	www.bolatimes.com
1	js.content-rec.com	www.bolatimes.com
1	www.google.pt	www.bolatimes.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	ua.realtimely.io	www.bolatimes.com
114	41

This site contains links to these domains. Also see Links.

Domain
gol.bolatimes.com
arkadiacorp.com
www.suara.com
www.matamata.com
www.hitekno.com
www.dewiku.com
www.mobimoto.com
www.guideku.com
www.himedik.com
regional.suara.com
clickmov.suara.com
yoursay.id
www.serbada.com
www.theindonesia.id
hits.suara.com
www.iklandisini.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
bolatimes.com GTS CA 1P5	`2023-11-27` - `2024-02-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
realtimely.io GTS CA 1P5	`2023-12-24` - `2024-03-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.google.pt GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
content-rec.com E1	`2023-12-29` - `2024-03-28`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-26` - `2024-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.affinitymatrix.com Go Daddy Secure Certificate Authority - G2	`2023-05-17` - `2024-05-16`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
cl.imghosts.com Cloudflare Inc ECC CA-3	`2023-10-03` - `2024-10-02`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.ph.affinity.com Go Daddy Secure Certificate Authority - G2	`2023-04-10` - `2024-04-16`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.bolatimes.com/
Frame ID: 3F1CEAA0437BC818C85A597BE27141D0
Requests: 77 HTTP requests in this frame

Frame: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0A66120499067F6AB80F8FB297AF048F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKIx65LQkPdbxylbkioio_ECOfzXj3zPgxXsE-vihxDagTA_IuT9wd5DaUvqnHiktUwxE72cVMJG3bVjxWZ1xyKV6oJ2jnIPNc6XmtbhLwJuokYU0iAYWouiNpK2AA1hsjCASQiAdlWSkD5xHK47Q1Er_wijG55hJflOUbhGyTcptv6AfzClY7maj-Zem29FjhOuoP9YleqpxCYnqeM3DBZCDgEcXAOWUzV_l5q-huMi-MHsRc20Gu9OyIBIaQEyfVgXzw4HCH2N38Ws8NKwcfqruJk8lV-ZMyf349CguuI4xFyFfwNqCdYoa2kqetmO-0wG9wvfPcpKWlI6EsJ0lXjNuLshGKAY4&sai=AMfl-YQm_x1D5wt_pbnlQyXDvUwBkfus4-JI1QOH3kX0LVfxFs6FvZMJPvFV9HzGfA4URJQ8RUWuT9l_e5gMe3CybH2b8zJFMkgQ0yLid_3mUYisH4s9AVgRAzl5V42W0LW_e_G8DhDMHeUmrPX5Ve-KY-RF&sig=Cg0ArKJSzEB3C_ZmolIzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 38532F7C8EAB45CBDB5A96C22AD194E2
Requests: 5 HTTP requests in this frame

Frame: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2B9C13171187F383ACD87CAB1E8C135E
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Frame ID: 5BD2F747E0B9021D029F5648B2F3BCC5
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/abg_lite_fy2021.js
Frame ID: 4185A452749D656B8658554B1A20860A
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C69DF63D8C1B1640704948AC69961D7B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D57F840DDF397184F3342BCDB4BF1521
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0997D9BD2B76EFB27E1FAC905F6D43D1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js
Frame ID: AFB510C4AC281653263181AE8F17E744
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BolaTimes.com - Berita bola, Jadwal, Skor & Liga Eropa

Page URL History Show full URLs

http://www.bolatimes.com/ HTTP 301
https://www.bolatimes.com/ Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

114
Requests

96 %
HTTPS

80 %
IPv6

23
Domains

41
Subdomains

34
IPs

4
Countries

3312 kB
Transfer

6257 kB
Size

20
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://gol.bolatimes.com/
Title: Gol

Search URL Search Domain Scan URL

URL: https://arkadiacorp.com/

Search URL Search Domain Scan URL

URL: https://www.suara.com/

Search URL Search Domain Scan URL

URL: https://www.matamata.com/

Search URL Search Domain Scan URL

URL: https://www.hitekno.com/

Search URL Search Domain Scan URL

URL: https://www.dewiku.com/

Search URL Search Domain Scan URL

URL: https://www.mobimoto.com/

Search URL Search Domain Scan URL

URL: https://www.guideku.com/

Search URL Search Domain Scan URL

URL: https://www.himedik.com/

Search URL Search Domain Scan URL

URL: https://regional.suara.com/

Search URL Search Domain Scan URL

URL: https://clickmov.suara.com/

Search URL Search Domain Scan URL

URL: https://yoursay.id/

Search URL Search Domain Scan URL

URL: https://www.serbada.com/

Search URL Search Domain Scan URL

URL: https://www.theindonesia.id/

Search URL Search Domain Scan URL

URL: https://hits.suara.com/

Search URL Search Domain Scan URL

URL: https://www.iklandisini.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BolaTimes-422088054911458/

Search URL Search Domain Scan URL

URL: https://twitter.com/bolatimesdotcom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/suaradotcom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bolatimesdotcom/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bolatimes.com/ HTTP 301
https://www.bolatimes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=83DD46C1E20B459CB9CE048A6EFEFB64&RedC=c.clarity.ms&MXFR=256AF713EE4C6BDA2C9FE31AEA4C659F HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=83DD46C1E20B459CB9CE048A6EFEFB64&MUID=2DE7BBA352AF68262E11AFAA530369E3

Request Chain 86

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

114 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bolatimes.com/
Redirect Chain

http://www.bolatimes.com/
https://www.bolatimes.com/

165 KB
23 KB

1360ms
1312ms

Document
text/html

2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37640b5954f36230e01211342e41cc579008800d1577eff1b09bab3bc4bf4317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 846d90cad9f635e6-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 17 Jan 2024 09:28:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dx9QM5J%2FG4ellPwXAym%2BIFyJu%2BLQjYp%2F1conVL2PH6%2F024UxBuGeTDccKcg2lL53YHfEHDErkS3y4MltqJscjjWfaSkHrZUQPZMUuV9bf9AbQgXBCTDGpFVGZWCl8KcpQJ3H96%2BvTWyaKJcy4%2FQ"}],"group":"cf-nel","max_age":604800}
s-device-type: mobile
server: cloudflare
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-cf-id: tHl-GHkPPATDL0eKUKWU2LPQhYnJCXI4LKwEVDeNCrYTGGEqpo_9KQ==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 846d90ca588d90da-FRA
Connection: keep-alive
Content-Type: text/html
Date: Wed, 17 Jan 2024 09:28:00 GMT
Location: https://www.bolatimes.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjYi3CY50LjndylmG7bX7a2387hXemkH3fmqKGKARa1R3Q6Cf9%2BEMUw3S5EvHwkbzodWrwzKc8aa05srkbuQ7m8ud4fPXWxVn%2Fw%2Frx%2BiCiPe8fljEIP49Q1mLjLKqVLvNi2eVapkwFnBLaNzPIFK"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 3BR80qO7NR2uYMYvD9eTBBElj7XbEvcQi2S8Ipd7i4p1KEV3HSRMxg==
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Redirect from cloudfront

GET
H2 200 css
fonts.googleapis.com/ 3 KB
578 B 80ms
33ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,600,700&display=swap

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b051e91c4152250e78940e4bccae03d710d4e26a24f4bcb405291d9b75bd2a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Jan 2024 09:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 09:28:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jan 2024 09:28:01 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
873 B 78ms
32ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95ef3768ec0f5da28f4b121793f4f71d60b411c53569b19aa2a48cead3c3c7a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Jan 2024 09:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 09:28:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jan 2024 09:28:01 GMT

GET
H2 200 mainv3_mod.min.css
assets.bolatimes.com/mobile/css/ 25 KB
6 KB 42ms
31ms Stylesheet
text/css 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/mobile/css/mainv3_mod.min.css
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c0188c48ab8424aa92ea2893388576c6e4feac9602110dbf6d0458e1dcf22e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Sep 2023 05:48:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3301
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qeo9wgO7u2gEK1AeXE0wW4PpGBbVGYUlrHd5jKuypWafmrlrzH5lcGFw2qxNHF7Gp6SlP7uh2nXmOsbud7RpNfdIIHj3ZWnlrXNh3dPwjqXS2SJRZNPF1AuY6ZPMD8mdrjUEMQN%2B6yYDQ9e1qQV%2BkpUf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 846d90d32b1935e6-FRA

GET
H2 200 script.js Show response
ua.realtimely.io/ 4 KB
2 KB 84ms
31ms Script
application/javascript 2606:4700:20::ac43:4696
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.realtimely.io/script.js
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4696 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3b53536facfed547d2c1809944ea7c227b43e3e7ae6c833c461066a1d158545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9978
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 08 Oct 2023 07:39:41 GMT
server: cloudflare
etag: W/"65225cbd-fd3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZ%2Bhgh2EtDKRtWnQ557xvIn41IKlrcgoXxR4YgxYV6cYgmbeZCe5GV77PPHX8Up1Ig%2BZ6d1%2FOCjWczm2Vfw7KgZQWK4G1MUWdDHnQzNzDH%2FqOLdPBjWIvEpIzLlw3xT9JLJ42IsEAX%2FSWEtQxWg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=57600
cf-ray: 846d90d3efaa927f-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 154ms
67ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a648b4edb645170f54d219ca6e4a5b22857fea489e8fc07d9e2799383d0640a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29651
x-xss-protection: 0
server: cafe
etag: 781 / 19739 / 31080415 / config-hash: 6931021207574245193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 09:28:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
90 KB 111ms
62ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R6NQQ7RXT0

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a68b24fd2534e81e7d1082ac8f1372aa04b8297b34408b1cfc6618cf67f6cce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92455
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 17 Jan 2024 09:28:01 GMT

GET
H2 200 bolatimes-logo.png
assets.bolatimes.com/mobile/images/ 18 KB
18 KB 661ms
660ms Image
image/png 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bolatimes.com/mobile/images/bolatimes-logo.png
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6f5e506db19cb972a8173e9a44a15402ee87b6fc3dac64e399a0215f58698f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:02 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 07 Feb 2023 02:59:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqC8%2Bq7lCemVDJRhL6NgkUXYaPsM6jIRoLP3tKHmfcggpo7e5y1ZPmNzevc86zQzJM8FAuvTSsfXBMim%2BNe4%2F5mjaW2R5snQNG%2FlFPxF8XHrONYw8vi1nWqyYsv0as1v%2BRSSKq5t9g0yZ1yvQivUjDvg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 846d90d39b8935e6-FRA
content-length: 18383

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
75 KB 83ms
34ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFVNJ45

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4eb24688aed0a7b80c9a4b77701bbfd68259c126ddd64943ed72ece80325f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76835
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Jan 2024 09:28:01 GMT

GET
H2 200 close.svg
assets.bolatimes.com/mobile/images/icons/ 366 B
491 B 677ms
677ms Image
image/svg+xml 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bolatimes.com/mobile/images/icons/close.svg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a63fc1ddc963bb7b1fa84264c2d2650dd951ff93719bd7a9569c2ab632f49d99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Feb 2023 02:59:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbrgsIkz8SFcN5fCSTIj9wmLH6jurXjBlphy3cmP5aHqRDgITLj7k4q0%2Bpubvuos%2FCvk4bxWqcKC6x81ZQkB7NxBKnIyw7FUBCkAeJ4by43kbPNtoflTmmcZH9wJgzlFb8Ld70xvBMRVdQc1OS0D51i4"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 846d90d39b8b35e6-FRA

GET
H2 200 menu.svg
assets.bolatimes.com/mobile/images/icons/ 245 B
420 B 666ms
665ms Image
image/svg+xml 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bolatimes.com/mobile/images/icons/menu.svg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f30706f6f7b483dea438968b354d5329358eda60a7f5b0c864576b12e4d1c769

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 07 Feb 2023 02:59:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzR8q9B6ne%2BX3mmK6KYaDNHvooxRqeKKFxReYcnnbr%2BIl4bZBhhRcTSd80P9mFOnt4%2BiXgD8aHB9oR1d7cSYBQDpsuKIC3xyBxfRpOhmgBv%2BiSUVXAm4iMnDtWypFqYwdrTff%2FzbhUiC51TPUY1nNgpD"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 846d90d39b8f35e6-FRA

GET
H2 200 search.svg
assets.bolatimes.com/mobile/images/icons/ 1 KB
907 B 668ms
667ms Image
image/svg+xml 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bolatimes.com/mobile/images/icons/search.svg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa03e14db9e4a4f968fb0ab7eafa9a90dd7ed860cf809fe1557fba126bf34380

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 07 Feb 2023 02:59:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptEdWyaieqTD%2Fgl3MPZluiODb1jsmVUaaUo0rteZwHUyH3Sw%2BVYZxqe%2BnZmVMPZUTUs5qk%2Bbhi00nesw8kjKLpejSyNYtugZSdbqd7OSe%2BH5PNcnSLjl3Gi7Z966354I8o%2BUz3J1ua%2BA9XV%2BZ7siFSS7"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 846d90d39b9135e6-FRA

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v24/ 14 KB
14 KB 67ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 00:34:13 GMT
x-content-type-options: nosniff
age: 32028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13980
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 00:34:13 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 02:14:49 GMT
x-content-type-options: nosniff
age: 25992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:14:49 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v24/ 13 KB
14 KB 30ms
30ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd9a6192274f8f2f3ce31cd3d2cae5ebe32e2fa86fc7c4f60a3c28556e496d56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Fri, 12 Jan 2024 20:35:06 GMT
x-content-type-options: nosniff
age: 391975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13724
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:20:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 20:35:06 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v24/ 14 KB
14 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Mon, 15 Jan 2024 18:20:53 GMT
x-content-type-options: nosniff
age: 140828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14168
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:29:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 18:20:53 GMT

GET
H2 200 730x480-img-94724-yakob-sayuri-saat-beraksi-bersama-timnas-indonesia-pssiorg.jpg
media.bolatimes.com/thumbs/2024/01/17/94724-yakob-sayuri-saat-beraksi-bersama-timnas-indonesia-pssiorg/ 87 KB
88 KB 47ms
32ms Image
image/jpeg 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2024/01/17/94724-yakob-sayuri-saat-beraksi-bersama-timnas-indonesia-pssiorg/730x480-img-94724-yakob-sayuri-saat-beraksi-bersama-timnas-indonesia-pssiorg.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75a1e4ac708279113188d3cc1ead90e26be77a36a318e31ea6ac90e64071ebe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:01 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2539
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 89437
cf-bgj: h2pri
last-modified: Wed, 17 Jan 2024 08:23:20 GMT
server: cloudflare
etag: "d0a334802b3f2ee56333580e095677b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzojJI3Nrj6gaBpYkkCD6uLWbqhggSo4sad8TcZlFmUBP3pnQnmH6bCm3ZaChdWauJQDjQXBMYdE2OTyCQIgKzeqX7KXZOOZI5wcG%2FxgWVkYhYTMTvWzkt4dYMcKFN0S1G2rgobMwGbktVKz%2Bm42OZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 846d90d42c2935e6-FRA
x-amz-cf-id: 6BjWPuvZPdfpuztnLssSnJCR4kf08OwirGIqKwES5OI6BMKiSK04Dw==

GET
H2 200 350x230-img-28393-bek-kiri-timnas-indonesia-pratama-arhan-dalam-laga-melawan-burundi-pada-25-maret-2023.jpg
media.bolatimes.com/thumbs/2023/03/28/28393-bek-kiri-timnas-indonesia-pratama-arhan-dalam-laga-melawan-burundi-pada-25-maret-2023/ 15 KB
16 KB 71ms
56ms Image
image/jpeg 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2023/03/28/28393-bek-kiri-timnas-indonesia-pratama-arhan-dalam-laga-melawan-burundi-pada-25-maret-2023/350x230-img-28393-bek-kiri-timnas-indonesia-pratama-arhan-dalam-laga-melawan-burundi-pada-25-maret-2023.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 713eba67d5f8708d4396c5a20f65311902f5b78fc16ca9553d4d8a6e0a03079e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:01 GMT
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15343
last-modified: Tue, 28 Mar 2023 00:42:11 GMT
server: cloudflare
etag: "d61c698c6bda8d4243e81300a14546af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IA7wFdZARg9kffv1WfUjj2C9fXJST80M%2B7%2FZnKBVJgrj6bvjsSFKlIq4tGPbuCcLVEUOPxGwA5qi8UQhdJZAWCOVn9B0t%2Bl9o31fEdOv8sW7Pv0iZ3frm4C2ykjFYxSIeIU6AQhP8BVFo7%2B5dq1bAzA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 846d90d42c3135e6-FRA
x-amz-cf-id: BldQ0mavP-BCfOwpaMUmwIEOTXyHCUbV7wlNPngJOpjA4PcLEM-JBw==

GET
H2 200 350x230-img-16441-coach-justin.jpg
media.bolatimes.com/thumbs/2023/11/17/16441-coach-justin/ 22 KB
22 KB 70ms
56ms Image
image/jpeg 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2023/11/17/16441-coach-justin/350x230-img-16441-coach-justin.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea337489d1e2bbf6435156aeb12fd357458ce9080a592418898ab096725f4535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:01 GMT
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22391
last-modified: Fri, 17 Nov 2023 11:54:25 GMT
server: cloudflare
etag: "0a222c5486e2a5811caa139a3c87eae3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEX2ZqtileIE8V9TTzxcgBcI4GAjnbMGj%2FZY2vsQC9aXn0HkZzLBLqm1%2Fc1yhrhdu0g9zTT2W2Km9%2F4NC7XxfDzufq1RyGuAJXnXY5Y4HFkhmALTQrKqtqTfnDkRHdq27KbBaM5qqNzhpoxfx7Igzvw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 846d90d42c2c35e6-FRA
x-amz-cf-id: BiHiFcl1JwyKMPcY5fdIEYpozMoHOQ0j6Di8Om5DqI6y8nNvJDpZYA==

GET
H2 200 350x230-img-71125-maria-vania.jpg
media.bolatimes.com/thumbs/2024/01/04/71125-maria-vania/ 22 KB
23 KB 68ms
54ms Image
image/jpeg 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2024/01/04/71125-maria-vania/350x230-img-71125-maria-vania.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a93f3a7b1db7eb0303f77958ca59a40730546db9e739b627f70c0146b71a5b75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:01 GMT
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57075
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22881
cf-bgj: h2pri
last-modified: Thu, 04 Jan 2024 02:54:14 GMT
server: cloudflare
etag: "b74e267366f8dd8fd6c1af615a730e92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVXp0cYRDkPFa90S2BVo0CLoNu8V97hq0R9YaGXsYN0lqtSHhzyr8rpVZnNzH00ff%2FT25qMSKpVmVteeRcSH1fyNEp4Rj0kAalqve7oSiIhv2nOVmnDIxR99kyCOSbgIxIIlBpk3POVW24G8WCMkDPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 846d90d42c2e35e6-FRA
x-amz-cf-id: aaDT7qz9pOtonqblm7gg4jIamGv1tTpMescTJ1Y5RZnBj4U3BdQkVA==

GET
H2 200 350x230-img-54424-yolla-yuliana.jpg
media.bolatimes.com/thumbs/2023/12/30/54424-yolla-yuliana/ 20 KB
20 KB 71ms
57ms Image
image/jpeg 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2023/12/30/54424-yolla-yuliana/350x230-img-54424-yolla-yuliana.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3928a2dcab0488b8152ae11e0c921f2fe6253fb8bff84192946727b9dba89b9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:01 GMT
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 20222
last-modified: Sat, 30 Dec 2023 15:35:18 GMT
server: cloudflare
etag: "238896551a7ba500c15a61cfda3cd0f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vORCGy6kio5TO45PKf6oyxSu6kVWXEiV6lc0GSu57AckPGMgzoY7wv3u6fEw06dNjKzAbGu9BRPvrytC1ePC5ODaeUXhVdA%2FiEzqrGC2x3dOfxGOy2x72PXOEtpBcVQIUhud7HgUxSymbQp8GfOa7hs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 846d90d42c2f35e6-FRA
x-amz-cf-id: yDhIFNPikQ6N6dWUeRDOQQCSsXjDD1BUXYCkMffUjjawC8ucdrLbyQ==

GET
H2 200 350x230-img-95582-pundit-luar-negeri.jpg
media.bolatimes.com/thumbs/2024/01/17/95582-pundit-luar-negeri/ 30 KB
30 KB 71ms
56ms Image
image/jpeg 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2024/01/17/95582-pundit-luar-negeri/350x230-img-95582-pundit-luar-negeri.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a19e297f63ca7687739188bd95de5e23f9579a6ca2d363a225d222248cce6aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:01 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30503
last-modified: Wed, 17 Jan 2024 09:07:04 GMT
server: cloudflare
etag: "9c842ebc6c858e82a54bf2a7e8fa94a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMajSbpmAx9bA3VWqZNDBWT6ivO%2FKReoT3tPcdKocEmEJxfl9KxZ27uifHEvMFZ3Y0NZ%2FZ6qBj9MlnoparulYc1bYlrc8EcfKl3mth125HEksxkg9aILE8bQ2IZoQg3R5ZZS%2F0r7X2WZbFNZg5o7ydY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 846d90d42c3035e6-FRA
x-amz-cf-id: Tt5jhwmS3LNhidCFfB5Atd74moPxjR-vCE4Rb_mz1hVFrzCeK6SG1g==

GET
H2 200 350x230-img-30030-persib.jpg
media.bolatimes.com/thumbs/2023/12/03/30030-persib/ 25 KB
25 KB 46ms
46ms Image
image/jpeg 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2023/12/03/30030-persib/350x230-img-30030-persib.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 522e51ad8c59d0cacaf72e3845743630fe2987355f821d25f9f367a8b1974a1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:02 GMT
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 25258
last-modified: Sun, 03 Dec 2023 02:28:57 GMT
server: cloudflare
etag: "a5bbf031765f5a072dafe6748d93a48b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3J6q0%2Ber33qTBRcEDw3LKQoB%2ByTJh5iJa48xPznHPVHZoJ5bsp5SfmX%2FfiVjOiRBbuzRmPLUoI6f6aqVYJKfbogdP6gdea4pF9K2ZYvce9yHdpV1FOGkRmIUoMDn3mSIZKoK0p1tmv5TbFlfekUiiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 846d90d48c9035e6-FRA
x-amz-cf-id: PClxI7AfIayv9rzwKD43QpjOYf5p1C03uoxO64vThz0nLHpWkF4ISw==

GET
H2 200 350x230-img-33644-persib-bandung.jpg
media.bolatimes.com/thumbs/2023/12/18/33644-persib-bandung/ 31 KB
32 KB 29ms
29ms Image
image/jpeg 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2023/12/18/33644-persib-bandung/350x230-img-33644-persib-bandung.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ebe132ee062be461cd19c09bf16b3127efe57ad8116318261354a387b27bfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:02 GMT
via: 1.1 447163709b16a97083db09f6ac040b38.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57076
x-amz-cf-pop: AMS1-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 32030
cf-bgj: h2pri
last-modified: Mon, 18 Dec 2023 07:10:19 GMT
server: cloudflare
etag: "a532d5a0ba341f9597ea757b1b73c935"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIBnmVEzy3lCGCv9NOSB5ctfI8P9Z601xSW%2FoGZIZ0KnffFN3elpMyATH4ubqGC%2BngJAHP%2BLznjlEIQdQwD7LDVyQv%2Bn%2BL8KL%2Fz1vWfeLJm9x9KwlXznItQSVPbczaggqT5m%2Fd7g%2Bx%2FIJ72gYFxwzp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 846d90d4acbd35e6-FRA
x-amz-cf-id: cNK_AqcdXVb3BZjIfNdwOV187K6dBSkQqBrSdwG-q8so4304OyWYJQ==

GET
H2 200 350x230-img-80415-shin-tae-yong-dan-bung-towel.jpg
media.bolatimes.com/thumbs/2023/11/30/80415-shin-tae-yong-dan-bung-towel/ 24 KB
24 KB 42ms
42ms Image
image/jpeg 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.bolatimes.com/thumbs/2023/11/30/80415-shin-tae-yong-dan-bung-towel/350x230-img-80415-shin-tae-yong-dan-bung-towel.jpg
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8a3d032d94db8f60853f5a39961c932478db631047c8f161fcb3b9fad6df968

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:02 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24506
last-modified: Thu, 30 Nov 2023 06:19:28 GMT
server: cloudflare
etag: "6d69f92ceccdeba4f522ce92b95c5ed0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsXWC7kiztvnvRqVCzM4n76IMzFWeTL9rqAW%2F95CIKSTOdpeJXw7zVg%2FQM51ppso6LDc3snVqhZZyRHvudUoDxNQXDhLq%2FuI8t8fzpZXOva2l5jbSQoWGHWZCgwteMyb3V1I%2B2yzTiP0sicmfQQIxXk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 846d90d4acbf35e6-FRA
x-amz-cf-id: DxVCvR6ajfnTFGz52lMrHVtzXVvj67XOuo-PNI3wUUIkvMj9UqhUtw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
90 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R6NQQ7RXT0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFVNJ45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0f693ec2ba7a412b69a5a6d596147e44371eab08470662e197c71ab96329460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92282
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 17 Jan 2024 09:28:02 GMT

GET
H2 200 f1npjd9l2l Show response
www.clarity.ms/tag/ 650 B
1014 B 731ms
671ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/f1npjd9l2l?ref=gtm2
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 43ce29ef1c839b99411ae19509c524984468d3e5aaefdd1ddd5c071a83bdfa0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

expires: -1
date: Wed, 17 Jan 2024 09:28:02 GMT
x-azure-ref: 20240117T092802Z-9y4ehp6qah1gtevckvaz5dqqq800000001bg00000000m9r2
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 75ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-R6NQQ7RXT0&gtm=45je41a0v872195582z8812354766&_p=1705483681779&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=474442265.1705483682&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1705483682&sct=1&seg=0&dl=https%3A%2F%2Fwww.bolatimes.com%2F&dt=BolaTimes.com%20-%20Berita%20bola%2C%20Jadwal%2C%20Skor%20%26%20Liga%20Eropa&en=page_view&_fv=1&_nsi=1&_ss=1&ep.articleCategory=wp&ep.articlePage=articlePage&ep.articleUserAgent=mobile&tfd=1706
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6NQQ7RXT0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 09:28:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bolatimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 85ms
28ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R6NQQ7RXT0&cid=474442265.1705483682&gtm=45je41a0v872195582z8812354766&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6NQQ7RXT0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 09:28:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bolatimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.pt/ads/ 42 B
408 B 95ms
46ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.pt/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R6NQQ7RXT0&cid=474442265.1705483682&gtm=45je41a0v872195582z8812354766&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=622046317

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 09:28:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/ 430 KB
135 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080415

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8730aafbdb6d03c6d4a37f76ebf8d504d5706fbae56686399a4b198981a0b6be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 02:06:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26478
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138464
x-xss-protection: 0
server: cafe
etag: 13337571285874554267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:06:44 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 283 KB
72 KB 1194ms
1194ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4159680668699095&correlator=1628852395225841&eid=31079957%2C31080124%2C95320408%2C31080415%2C44782503&output=ldjh&gdfp_req=1&vrg=202401110101&ptt=17&impl=fifs&iu_parts=148558260%2CBolatimes_HVR_1x1%2CBolaTimes_Interstitial%2CBolaTimes%2CMobile&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4&prev_iu_szs=1x1%2C1x1%2C320x50%7C320x100%2C320x50%7C320x100%7C300x250%7C1x1%2C1x1%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C300x250%7C336x280%7C1x1%7C336x180%7C320x330%7C300x450%2C360x85%7C360x88%2C320x480%2C320x50%7C320x100%7C300x250%7C336x280&ifi=1&didk=3820751271~1593280570~3103464748~1559969270~3103465670~1322788908~1322788909~1322788910~1322788911~1322788904~1322788905~1322788906~1322788907~1322788900~2690852759~2793123867~3019867852~1548010724&sfv=1-0-40&ists=73728&fas=0%2C8%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&sc=1&cookie_enabled=1&abxe=1&dt=1705483682137&lmt=1705483682&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C650%2C650%2C650%2C650%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C640%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C5001%2C10048%2C15095%2C19575%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C240%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C1%7C2%7C3%7C4%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C0%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&oid=2&tos=~~~~~~~~~~~~~~~~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bolatimes.com%2F&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1570x280%7C1570x280%7C1570x280%7C1570x280%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C320x0%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C314x180%7C314x180%7C314x180%7C314x180%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C320x0%7C0x-1&fws=2%2C2%2C2%2C2%2C2%2C2%2C0%2C0%2C0%2C0%2C2%2C2%2C2%2C2%2C2%2C2%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=474442265.1705483682&ga_sid=1705483682&ga_hid=1180563196&ga_fc=true&dlt=1705483681761&idt=349&prev_scp=%7C%7Cpos%3Dtop%26page%3Dhome%7Cpos%3Dbottom%26page%3Dhome%26refresh%3Dtrue%7Cpos%3Dotp%26page%3Dhome%7Cpos%3Dmediumrectangle_1%26page%3Dhome%7Cpos%3Dmediumrectangle_2%26page%3Dhome%7Cpos%3Dmediumrectangle_3%26page%3Dhome%7Cpos%3Dmediumrectangle_4%26page%3Dhome%7Cpos%3Dmediumrectangle_5%26page%3Dhome%7Cpos%3Dmediumrectangle_6%26page%3Dhome%7Cpos%3Dmediumrectangle_7%26page%3Dhome%7Cpos%3Dmediumrectangle_8%26page%3Dhome%7Cpos%3Dmediumrectangle_9%26page%3Dhome%7Cpos%3Dmediumrectangle_10%26page%3Dhome%7Cpos%3Dexpose_mobile_1%26page%3Dhome%7Cpos%3Dparallax%26page%3Dhome%7Cpos%3Dpushdown%26page%3Dhome&adks=3035399121%2C2298460220%2C2302452171%2C1628682583%2C2063847690%2C1584674585%2C1584674584%2C1584674567%2C1584674566%2C1584674565%2C1584674564%2C1584674563%2C1584674562%2C1584674561%2C3092760079%2C1227964173%2C3632274387%2C1089493349&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080415

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddebfcb22d9e99627cee53848161a63c327765d7f941aba2f52d12765c670171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73404
x-xss-protection: 0
google-lineitem-id: 6393083730,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138449645732,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bolatimes.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0A66 6 KB
3 KB 113ms
30ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 09:28:02 GMT
expires: Thu, 16 Jan 2025 09:28:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/ 40 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl_page_level_ads.js?cb=31080415

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080415

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3971f682e1cdd324bc639f47ea2efc1e4cd4188f55efe418e3ccfceec44dbf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Tue, 16 Jan 2024 14:42:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67555
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13834
x-xss-protection: 0
server: cafe
etag: 9405266704092491736
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 15 Jan 2025 14:42:07 GMT

GET
H2 200 mainv3_less.js Show response
assets.bolatimes.com/mobile/js/ 753 B
612 B 659ms
658ms Script
application/javascript 2606:4700:20::ac43:45e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/mobile/js/mainv3_less.js
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3354f69c3a6ff57792925385a7969593f09e0101dadb55bf97dfec6b042728b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 27 Sep 2023 05:48:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CpsctpeJI3wuGFxhgwGCoJ8ZWX5pvlvMNqpYQwxDHXoX5GAhWeNPt0JusbC3cb22YY1DI5%2Bwk0SER%2Bd%2BiCECfrBvVlM7nZkkZiK%2B2%2FJcn4Mt%2BZq2vS09d2ExvYd93J0KVqNAtXlr5L6UDLf8Fl46RfJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 846d90d5fe9835e6-FRA

GET
H2 200 bolatimes.com.1520395.js Show response
jsc.mgid.com/b/o/ 4 KB
2 KB 82ms
33ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/b/o/bolatimes.com.1520395.js

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

626b2f1912024d79bac21c46608ad6a540107eec0dc38e96656a36309f957bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:02 GMT
x-amz-version-id: rw74hBCrR4.5BU7egEuyu0uFKlzgkmyV
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: Q4RDRRHW3YPBCVWK
age: 3296
cf-polished: origSize=3763
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: QmpL98cirLlyfCLVhHjbzBNLvoBJl5ZPs8CPA9AVOHsM0AfeTXo2C4CpPJrxAnGwn4E3h/3OnTw=
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 13:38:21 GMT
server: cloudflare
etag: W/"6b849972de8ed18cbffb00bc205ef5c2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 846d90d64852698f-FRA
expires: Wed, 17 Jan 2024 12:28:02 GMT

GET
H2 200 bolatimes.com.108.js Show response
js.content-rec.com/ 25 KB
7 KB 359ms
299ms Script
text/javascript 2606:4700:3037::6815:2eaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.content-rec.com/bolatimes.com.108.js
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2eaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c22a6212be994340f4c26e41749fa22d0eb814452213dd296b9d941dd23f531

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

x-id: fr5-hw-edge-gc61
date: Wed, 17 Jan 2024 09:28:02 GMT
x-amz-version-id: .ANAq0CqENC2CPLZETAN.h09wxAwrMjR
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: HRX6VJNEA5ES6ASP
x-amz-server-side-encryption: AES256
x-id-fe: fr5-hw-edge-gc16
alt-svc: h3=":443"; ma=86400
x-amz-id-2: xC4lnJD72oJXywhGNJh3/S4kiQVpwilRuehJ3toQbieoygcpcH6Sj4D7k8CXQ1AQM02HMt2JKOgOq5FCeBfFTg==
last-modified: Wed, 29 Nov 2023 12:42:14 GMT
server: cloudflare
traceparent: 00-2d5ceae7ca774a16447079bea56b88f1-84c891c3c0b8faf5-01
etag: W/"da6eaf6a079da7b2f58d65a856520e93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FTlBJYg66lEsBS6W87Tgks85s6xk8EXM1SF4oyhgMSSfZ40oOlYPCteGz5QtsmSRs6p1mklsVwKwNsBZyObCfHp28njV%2FYgHYZu4rg9o%2BHc2apRrK5zgxXuYhvzo4p93vHDrFJH4LSn85C%2Fzxavw1M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache: MISS
cf-ray: 846d90d65df119af-FRA

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Tue, 16 Jan 2024 19:06:31 GMT
x-content-type-options: nosniff
age: 51691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:10:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 19:06:31 GMT

GET
H2 200 my-icon.woff2
assets.bolatimes.com/mobile/webfonts/ 2 KB
3 KB 77ms
30ms Font
application/octet-stream 2606:4700:20::681a:92c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bolatimes.com/mobile/webfonts/my-icon.woff2?a41946de4457c5476c8547c8f308bcd3
Requested by: Host: assets.bolatimes.com
URL: https://assets.bolatimes.com/mobile/css/mainv3_mod.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 677e82e25404550de66bc0556dc5607d07177827ae3a1f068042e2d136bdc65d

Request headers

Referer: https://assets.bolatimes.com/mobile/css/mainv3_mod.min.css
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:02 GMT
cf-cache-status: HIT
last-modified: Tue, 07 Feb 2023 02:59:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3300
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5XzFviQs9zgw7g0B1os4Zvk1Rwlvwm4Om6w8%2FsxQEgqu5RWMgEajs4Ukn7liso77aMf0sKcRwg6X55aAV6EOwhiCIMm73p33MLN7ILj%2F3Xh4%2BKr1V1dZYdKZ3zPoa0XuqEYaEZ5zjMRvsBUXp2Ch2x5"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 846d90d65c909244-FRA
content-length: 2156

GET
H3 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 02:27:07 GMT
x-content-type-options: nosniff
age: 25255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:07:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:27:07 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 42ms
42ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/f1npjd9l2l?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:02 GMT
content-encoding: br
last-modified: Mon, 15 Jan 2024 09:28:11 GMT
etag: W/"0x8DC15AC4AC3CD45"
vary: Accept-Encoding
x-azure-ref: 20240117T092802Z-9y4ehp6qah1gtevckvaz5dqqq800000001bg00000000m9sv
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 6cdc7caa-c01e-002b-0dc4-47ae17000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
297 B 525ms
255ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bolatimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Access-Control-Allow-Origin: https://www.bolatimes.com
Date: Wed, 17 Jan 2024 09:28:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 sdk.js Show response
connect.facebook.net/id_ID/ 3 KB
3 KB 65ms
20ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/id_ID/sdk.js

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b518609a41c8b83bbc5f874b8d24bbf2d8a0f36b2acb36533a0444572312f8d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 17 Jan 2024 09:28:02 GMT
content-md5: IekeLoLS46CEDsyIP2zefQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
reporting-endpoints
x-fb-debug: 5k8DowHIssikZO4UZ0EjfS77RfAi6/nDuZPNGDu+/KKGS6A/QWu6PXFO6U/+idV16NII46TPTveL2YIOcqWnTg==
x-fb-content-md5: 06de8920df77efbbeb3e4606264cbbbf
cross-origin-opener-policy: same-origin-allow-popups
etag: "a3673b12456bc3d057688b9cb3d45bad"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 17 Jan 2024 09:39:57 GMT

GET
H2 200 iezfz86x3h Show response
www.clarity.ms/tag/ 677 B
931 B 113ms
113ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/iezfz86x3h
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ec64a04d4c7052028ceab87233a31c4f194cfdd11ff26c2316f8ef83398dc5cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

expires: -1
date: Wed, 17 Jan 2024 09:28:02 GMT
x-azure-ref: 20240117T092802Z-9y4ehp6qah1gtevckvaz5dqqq800000001bg00000000m9t5
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 677
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H3 200 bolatimes.com.1520395.es6.js Show response
jsc.mgid.com/b/o/ 329 KB
98 KB 245ms
221ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/b/o/bolatimes.com.1520395.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/bolatimes.com.1520395.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a2cce9bf3a1ebbc6a503114c4ad2be8bd69b290c2509a643a26f262db78e7c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.bolatimes.com/
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:03 GMT
x-amz-version-id: S6n8s4nsJxCfgyw.DKVavbW5jOpAzGVe
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: EXGYQ128TXYV07E5
cf-polished: origSize=336660
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: jBaKrhIUsWROILI2iKC3ziXq/cb+l12pjvzPapislAg7qsAL+zHX1WxMEQSGqhiV4tas9YeYSnE=
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 13:38:20 GMT
server: cloudflare
etag: W/"bd36f5a3054aa8caa87e83854770bd44"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 846d90da5d2b39d4-FRA
expires: Wed, 17 Jan 2024 12:28:03 GMT

GET
H2 200 /
api.realtimely.io/c/ 0
329 B 63ms
54ms Image
text/html 2606:4700:20::ac43:4696
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.realtimely.io/c/?p=%2F&u=no&s=no&h=https%3A%2F%2Fwww.bolatimes.com&r=&sid=BOLA&t=BolaTimes.com%20-%20Berita%20bola%2C%20Jadwal%2C%20Skor%20%26%20Liga%20Eropa&qs=%7B%7D&cid=2810146
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4696 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qVmW5PN35W1nPFD0CBPvEanwKWzRb8wkOi276EXgppj7egSFm9WTbmmndORziUN99KQp9ugXeR%2F5JLY7%2Fgyw3Df9Vj9LgtUfKoJLgibcFZ8xlwfGHzoewHhmBg8Go%2BWksWwipxW7wbEqRPlII9z"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 846d90da5cf1927f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 sdk.js Show response
connect.facebook.net/id_ID/ 303 KB
86 KB 46ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/id_ID/sdk.js?hash=1710211a2c4b12eb7a4affea2d6a5cbc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/id_ID/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73d93ddafbdf32e6f0ec4f821aa0ef63dbb3f42b0e84a1285eaf9defcd201c3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bolatimes.com/
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 17 Jan 2024 09:28:02 GMT
content-md5: z9Q+JeoywCdP+NLuM4Aeww==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88422
reporting-endpoints
x-fb-debug: p0+0fE71puI402HLZaGJzS1EEc3Tu6a1O/UjK1RtEZeY+5i1ZGts0AMXfKp0rBEfC2mYo73UN3NxHu/MtoA7eA==
x-fb-content-md5: 058bad200d44a93ef0a8e4c7e907e170
cross-origin-opener-policy: same-origin-allow-popups
etag: "7ede8371e8137b0270319ecf60916002"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 16 Jan 2025 08:38:16 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 105ms
54ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080415
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bolatimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
Content-Type: text/plain;charset=UTF-8

Response headers

GET
BLOB 200
OK fea88b09-7fcc-4b8a-8d1d-e78ee413e8cf
https://www.bolatimes.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bolatimes.com/fea88b09-7fcc-4b8a-8d1d-e78ee413e8cf
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 25800e8f-df0c-48c4-bacd-a6705e982716
https://www.bolatimes.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bolatimes.com/25800e8f-df0c-48c4-bacd-a6705e982716
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 66ms
66ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a59dbbaf76601fd9e60e691b0ea48fe2165721ab5ea6e52a405f3c4b8f7325b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12091
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=83DD46C1E20B459CB9CE048A6EFEFB64&RedC=c.clarity.ms&MXFR=256AF713EE4C6BDA2C9FE31AEA4C659F
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=83DD46C1E20B459CB9CE048A6EFEFB64&MUID=2DE7BBA352AF68262E11AFAA530369E3

42 B
441 B

51ms
49ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=83DD46C1E20B459CB9CE048A6EFEFB64&MUID=2DE7BBA352AF68262E11AFAA530369E3
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 09:28:02 GMT
last-modified: Wed, 10 Jan 2024 21:11:32 GMT
server: Microsoft-IIS/10.0
etag: "d765ee95944da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 17 Jan 2024 09:28:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C20B421631A04FDA91A3C7800893E062 Ref B: FRA31EDGE0705 Ref C: 2024-01-17T09:28:03Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=83DD46C1E20B459CB9CE048A6EFEFB64&MUID=2DE7BBA352AF68262E11AFAA530369E3
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 /
c.mgid.com/pv/ 43 B
138 B 49ms
39ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2Fwww.bolatimes.com%2F&cbuster=1705483683225163055095&pvid=18d16bfc599ac8bbd9a&implVersion=11&cxurl=https%3A%2F%2Fwww.bolatimes.com%2F&site=565612&i=1&scum=%3F0&scuw=%3F0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 846d90dc4e45698f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 153ms
100ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 17 Jan 2024 09:28:03 GMT

GET
BLOB 206
Partial Content 183abaa1-9345-45ee-a715-1e210ad20206
https://www.bolatimes.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bolatimes.com/183abaa1-9345-45ee-a715-1e210ad20206
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3853 0
0 56ms
56ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKIx65LQkPdbxylbkioio_ECOfzXj3zPgxXsE-vihxDagTA_IuT9wd5DaUvqnHiktUwxE72cVMJG3bVjxWZ1xyKV6oJ2jnIPNc6XmtbhLwJuokYU0iAYWouiNpK2AA1hsjCASQiAdlWSkD5xHK47Q1Er_wijG55hJflOUbhGyTcptv6AfzClY7maj-Zem29FjhOuoP9YleqpxCYnqeM3DBZCDgEcXAOWUzV_l5q-huMi-MHsRc20Gu9OyIBIaQEyfVgXzw4HCH2N38Ws8NKwcfqruJk8lV-ZMyf349CguuI4xFyFfwNqCdYoa2kqetmO-0wG9wvfPcpKWlI6EsJ0lXjNuLshGKAY4&sai=AMfl-YQm_x1D5wt_pbnlQyXDvUwBkfus4-JI1QOH3kX0LVfxFs6FvZMJPvFV9HzGfA4URJQ8RUWuT9l_e5gMe3CybH2b8zJFMkgQ0yLid_3mUYisH4s9AVgRAzl5V42W0LW_e_G8DhDMHeUmrPX5Ve-KY-RF&sig=Cg0ArKJSzEB3C_ZmolIzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 17 Jan 2024 09:28:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/ Frame 3853 23 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Tue, 16 Jan 2024 15:00:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:00:20 GMT

GET
H2 200 index Show response
cdn4-hbs.affinitymatrix.com/hvrcnf/bolatimes.com/17010/ 3 KB
2 KB 375ms
20ms Script
application/javascript 2607:fc48:bc4b::bc:238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4-hbs.affinitymatrix.com/hvrcnf/bolatimes.com/17010/index?t=17010
Requested by: Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:fc48:bc4b::bc:238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
Software: v/6.7.7/6.5.26/v2fra1-www /
Resource Hash: 652d463e59f6d950519948c80bbf4a4b4cd0510a3eaa8cae88c7a89ab55c95b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

x-version: 9
date: Wed, 17 Jan 2024 02:50:12 GMT
content-encoding: gzip
x-real-ip: 2001:1b60:1010:3:1011:e626:c2f8:a009
server: v/6.7.7/6.5.26/v2fra1-www
age: 29541
x-tata-request-id: 22b26170f42e012b30e034dabfbb76eb, 22b26170f42e012b30e034dabfbb76eb
vary: Accept-Encoding
x-cache: HIT,v2fra1
content-type: application/Javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1597
expires: Thu, 16 Jan 2025 09:28:03 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3853 205 KB
65 KB 104ms
48ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 09:28:03 GMT

GET
H2 200 container.html Show response
3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2B9C 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 09:28:02 GMT
expires: Thu, 16 Jan 2025 09:28:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012312191621000/ Frame 5BD2 196 KB
56 KB 105ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Jan 2024 23:24:52 GMT
age: 36191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56099
x-xss-protection: 0
server: sffe
etag: "b4f73150f1481343"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Jan 2025 23:24:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 5BD2 15 KB
5 KB 144ms
58ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Jan 2024 16:30:29 GMT
age: 61054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "1615cf8c9658662f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Jan 2025 16:30:29 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 5BD2 95 KB
28 KB 146ms
61ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Jan 2024 19:33:26 GMT
age: 50077
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29030
x-xss-protection: 0
server: sffe
etag: "4993b3249a87fa76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Jan 2025 19:33:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 5BD2 5 KB
2 KB 153ms
68ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 02:36:00 GMT
age: 24723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1930
x-xss-protection: 0
server: sffe
etag: "09131eec19261354"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 02:36:00 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 5BD2 40 KB
13 KB 155ms
69ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080415

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 17 Jan 2024 02:19:28 GMT
age: 25715
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "b1091b2fa725aeb2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 16 Jan 2025 02:19:28 GMT

GET
H2 200 4067276375967381349
tpc.googlesyndication.com/daca_images/simgad/ Frame 5BD2 26 KB
26 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/4067276375967381349?w=360&h=640&tw=1&q=75

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c523b4abf8abec3d606e4cf0e8e9b2c3c1a8eefd73a7fb2309eae8cec495a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

expires: Wed, 24 Jan 2024 07:18:08 GMT
date: Wed, 17 Jan 2024 07:18:08 GMT
x-content-type-options: nosniff
age: 7795
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26580
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 23:28:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 5BD2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a6037ee36e12c835b5d0ca5cd9a7dbadd5ef96d1e1c3288ce3b1e2ab4275ec1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Content-Type: image/png

GET
H2 200 id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5BD2 3 KB
3 KB 31ms
30ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id.png

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Tue, 16 Jan 2024 23:48:43 GMT
x-content-type-options: nosniff
server: cafe
age: 34760
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
expires: Wed, 17 Jan 2024 23:48:43 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5BD2 344 B
474 B 30ms
29ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Tue, 16 Jan 2024 19:01:23 GMT
x-content-type-options: nosniff
server: cafe
age: 52000
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 17 Jan 2024 19:01:23 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1520395/ 2 KB
1 KB 76ms
66ms Script
application/x-javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1520395/1?mp4=1&ap=1&w=1570&h=2&wrongImageSize=1&sz=1x1&szp=1,2&szl=1;2&cols=1&sessionId=65a79da3-05b51&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&consentStrLen=0&lu=https%3A%2F%2Fwww.bolatimes.com%2F&cbuster=1705483683458539164732&pvid=18d16bfc599ac8bbd9a&implVersion=11&cxurl=https%3A%2F%2Fwww.bolatimes.com%2F&scum=%3F0&scuw=%3F0&niet=4g&nisd=false&pv=5&lct=1703030400&jsv=es6&pageView=1&dpr=1&ref=&tfre=1238

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/bolatimes.com.1520395.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e4d3f3f59bc618553e087e864449de6cad3b0050c3248d2561f7ffaa8dbbeb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 846d90ddcf86698f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ Frame 2B9C 3 KB
704 B 43ms
39ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: 3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com
URL: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e39a073ca78f3a0c3c3d9a8158f45a92d1fc89cf253a39f3d326b88d070a243a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Jan 2024 09:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 08:34:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jan 2024 09:28:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/ Frame 4185 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/abg_lite_fy2021.js

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Tue, 16 Jan 2024 15:00:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:00:20 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C69D 143 B
383 B 74ms
23ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

age: 3506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 08:29:37 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 4185 3 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Tue, 16 Jan 2024 15:04:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:04:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 4185 20 KB
8 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Tue, 16 Jan 2024 15:00:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:00:20 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4185 205 KB
65 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 09:28:03 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 4185 36 KB
14 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Tue, 16 Jan 2024 16:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14790
x-xss-protection: 0
server: cafe
etag: 14910708302111541132
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 16:12:39 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9479265204943955874/ Frame 4185 112 KB
112 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9479265204943955874/downsize_200k_v1

Requested by

Host: www.bolatimes.com
URL: https://www.bolatimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ee4a9a53f83b9f8120935dc12431a4e12550829b286f9517bdefab9e588ab8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

expires: Wed, 15 Jan 2025 20:08:51 GMT
date: Tue, 16 Jan 2024 20:08:51 GMT
x-content-type-options: nosniff
age: 47952
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114340
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 13:52:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/elements/html/ Frame 2B9C 22 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com
URL: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Tue, 16 Jan 2024 15:42:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:42:22 GMT

GET
H2 200 more_vert_white_48dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2B9C 233 B
679 B 88ms
24ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/more_vert_white_48dp.png

Requested by

Host: 3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com
URL: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Tue, 16 Jan 2024 09:08:54 GMT
x-content-type-options: nosniff
age: 87549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Jan 2025 09:08:54 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2B9C 205 B
295 B 90ms
26ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com
URL: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Tue, 16 Jan 2024 10:38:20 GMT
x-content-type-options: nosniff
age: 82183
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Jan 2025 10:38:20 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2B9C 604 B
718 B 89ms
25ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com
URL: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 02:17:22 GMT
x-content-type-options: nosniff
age: 25841
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Jan 2025 02:17:22 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D57F 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bolatimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 08:36:23 GMT
expires: Thu, 16 Jan 2025 08:36:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0997 829 B
1 KB 91ms
28ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

91bd1bed04bf7c9c79870574441ffe764438969775f92b13e1d6afebbe746b89

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yu4NyUNow3YOcQd_y_BQbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bolatimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-yu4NyUNow3YOcQd_y_BQbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 09:28:03 GMT
expires: Wed, 17 Jan 2024 09:28:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 3853 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b017b0b1b555c3060c11db3eaab79c7c53a04a79bf8163e7e97df778fba1bc55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3853 0
0 113ms
55ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnkByEd9bpknqMSw-GTg3WS7nSPejCrPgvOcKzugvRYr5eNiWYvRVuyLU01JWbtwfESl8eO6BMPYVIMU_i14uzHi6dcCHNPhhQHXDp1H7V6YGojEyuyU9-Q7TzvQdbjMknXKe7g-ScDReMq60W6HNLBE62crpVT0Lj5R8pPf2GkaxdrTFYcd4QXzoIY5sAdbuB1c_fKTJfqlzwkC0oHixPm5-BO9N1yqRCsAFnrUbu0yyHxylG9iN9wbKpMEvD6VlrI6woljGOdgwfBEHOITdKbLpRi8v2GOmU_qpgfobw2VTJkiWwkKiB8pSFseR9TWdMAxwgHE8oTpwmqYZTfaEge7FPCLftW6PPUw&sai=AMfl-YTpiBlGtPqa98Kz39Qnn3Of3ZNkugPP5_P5B7Ry37MXjWddaLKVHGSkDAImbZe9sMVYEeGtitHH2-PLuuHqoDoaltYurfVgwH-38RIuke5-VTF-6XPWAMjrbOn9rPADNj4ogfOEvIQCAA1g56IlZLRQ&sig=Cg0ArKJSzE6tcT4zeF7XEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 17 Jan 2024 09:28:03 GMT

GET
H2 200 widget-ssp-performance
c.mgid.com/ 43 B
95 B 39ms
38ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/widget-ssp-performance?time=78

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 846d90de8842698f-FRA
alt-svc: h3=":443"; ma=86400
content-type: image/gif

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C69D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
307 B

35ms
35ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com
URL: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 09:28:03 GMT
expires: Wed, 17 Jan 2024 09:28:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 09:28:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js Show response
pagead2.googlesyndication.com/bg/ Frame AFB5 50 KB
19 KB 71ms
24ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WihAbdPmEAuwNNTtrWjgEsQMZ632wtWEawfwOklMupQ.js

Requested by

Host: 3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com
URL: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Tue, 16 Jan 2024 18:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19644
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 18:00:43 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame D57F 39 KB
15 KB 48ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 08:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jan 2025 08:36:24 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5BD2 344 B
368 B 20ms
20ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Tue, 16 Jan 2024 19:01:23 GMT
x-content-type-options: nosniff
server: cafe
age: 52000
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 17 Jan 2024 19:01:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0997 0
0 68ms
56ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401110101&jk=4159680668699095&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cHM6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAxLzgyMTYxOS9jYjM0Y...
s-img.mgid.com/g/18281701/45x45/-/ 718 B
1 KB 548ms
490ms Image
image/webp 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18281701/45x45/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cHM6Ly9pbWdob3N0cy5jb20vdC8yMDI0LTAxLzgyMTYxOS9jYjM0YmFiNTg5ZWQ3MjAzOTUzZmZhMmI2YjM4YzVhMS5qcGc.webp?v=1705483683-0N86TWKrQBOJHKJJUBUmZk2ZiwHbk72RbGNVkaIe4OE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d58c1999b63cfefffc036f41c41d8be5a138543184b4b47a748b2a76e1813fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.bolatimes.com/
Origin: https://www.bolatimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Wed, 17 Jan 2024 09:28:03 GMT
x-mg-request-uuid: f5943b2e-a77e-49b4-9a69-f202eddeb92e
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 846d90df79623819-FRA
content-length: 718
alt-svc: h3=":443"; ma=86400

GET
H2 206 d669b74c3c9617c2e81bfa67632e962e.mp4
cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2024-01/821619/ 1 MB
1 MB 88ms
31ms Media
video/mp4 2606:4700:4400::6812:297f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2024-01/821619/d669b74c3c9617c2e81bfa67632e962e.mp4?v=1705483683-QvCvSQkLe4g44rUs4sIg1-rb-dI96vFYMd7lYWKOUYw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:297f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ba6e3c47b4f1c47dda40197507821d846b754ea60635cc285d7f5071aac45f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bolatimes.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
Range: bytes=0-

Response headers

date: Wed, 17 Jan 2024 09:28:03 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: HIT
age: 67446
Content-Range: bytes 0-1456912/1456913
server-timing: cld-akam;mitm=co;dur=353;cpu=91;start=2024-01-16T14:25:32.526Z;desc=miss,rtt;dur=0,content-info;desc="width=680,height=680,abps=133254,fps=30.0,du=10.933,vc=\"h264\",bytes=1456913,owidth=640,oheight=360,oabps=173354,ofps=30.0,odu=10.933,ovc=\"h264\",obytes=1895332,oformat=\"mp4\",ef=(18,61,65)",cloudinary;dur=174;start=2024-01-16T14:25:32.636Z
alt-svc: h3=":443"; ma=86400
Content-Length: 1456913
last-modified: Fri, 12 Jan 2024 16:19:21 GMT
server: cloudflare
etag: "017f9df5707c370f048fc0e09146d486"
vary: Accept-Encoding
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, max-age=31536000, no-transform
timing-allow-origin: *
x-robots-tag: noindex
cf-ray: 846d90df78561965-FRA

GET
H2 200 B31263197.385476859;dc_trk_aid=576520536;dc_trk_cid=207952588;ord=279169132;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
ad.doubleclick.net/ddm/trackimp/N1161720.3879368GDN-GOOGLEDISPLA/ Frame 5BD2 42 B
440 B 115ms
46ms Image
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1161720.3879368GDN-GOOGLEDISPLA/B31263197.385476859;dc_trk_aid=576520536;dc_trk_cid=207952588;ord=279169132;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 09:28:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5BD2 0
0 61ms
61ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CL1p0op2nZd3yDZvIx_APgJyD-AmR96madd-Y9_mfEtLh0uCyARABIJSkpjJg7QSgAa_omfUoyAEBqQJDMNQMKTqyPuACAKgDAcgDCKoErwJP0Mc355sokhhUJ4WeC0wZm1nt6eg_MDxHRtItgfYI7e26anKsKcf830QmEItmKqc4QRO8vKpD0n6AH0VQ4JWToL3B5LOejYQ5rIPsWB78RGDPmiCTuJ9CjhEQqMXsswTGi6BIeHJuNJOmhTozU6LuiyevyVVLz7AzDlIslmZavSAA6rKqg5bdA6gqQ7dLv1zMoy0g4tbRHohxqgasWxNDUuxOSVSWio3QYQXZ8zw08hQlMUpFYxGG8NloNisz3jv7RWgdbCXczVFVaVCvzepVbVX5bmbAfdJAhXnSE9zb06qgg65fvPbxrPMPLxMWRBygHlnT2gicO6Khwg5NjgsNE0yLavRNIWfFk_Fa9XqEV1mfW0dCmEc21wrTFznH5AxgkkbOU4m6uD31VRh14KbABLfR0rHVBOAEAYgF1o7X9E2gBgLYBgKAB6-g6tQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ4L4SoAi8FLAIAtIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYp5Cv6I3kgwOaCSRodHRwczovL3d3dy5zYW50YW5kZXIucHQvYWJyaXItY29udGGACgPICwGiDAgqBgoErLqxAuINEwiUm7DojeSDAxUb5BEIHQDOAJ_YEwOCFBMaEXd3dy5ib2xhdGltZXMuY29t0BUBmBYBgBcBshceChwIABIUcHViLTExNjI5MTQ3MDIyOTM5MjAY5J0b&sigh=UbY-u2Xc5ks&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_qZ_3r5s0r8Id9EBswlcstECtJoir1guQYl2oFDVLFDkBHUmcKDEyp8LydOhRUjtcBa3ek9lfdLjsVIgOLswG6zOAzlgvnd-tZqIYAQ&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

GET
H2 200 i.js Show response
cm.mgid.com/ 0
105 B 53ms
40ms Script
application/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/i.js?cbuster=1705483683702428583145

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/bolatimes.com.1520395.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 09:28:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 846d90df48f3698f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 113 KB
28 KB 99ms
33ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/bolatimes.com.1520395.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 11:20:59 GMT
server: cloudflare
x-amz-request-id: B2YBRV7D2XH3MPR1
age: 1406
etag: W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 846d90df9e4b3802-FRA
x-amz-id-2: o4+v+GNvOqM/DVLDNXokiUcI2YXrEFZtcISVOMbSdtqLGaqwuBn+7KAnRJWOy9XvV9o5mlRs3SCPtSAYZHUwpA==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 114ms
35ms Script
application/javascript 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/b/o/bolatimes.com.1520395.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:03 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=130771
accept-ranges: bytes
content-length: 63913
expires: Thu, 18 Jan 2024 21:47:34 GMT

GET
H2 200 v2.js Show response
cdn4-hbs.affinitymatrix.com/hvrlib/bolatimes.com/1697457242/ 64 KB
23 KB 22ms
22ms Script
application/javascript 2607:fc48:bc4b::bc:238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4-hbs.affinitymatrix.com/hvrlib/bolatimes.com/1697457242/v2.js
Requested by: Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/hvrcnf/bolatimes.com/17010/index?t=17010
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:fc48:bc4b::bc:238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
Software: v/6.7.7/6.5.26/v2fra1-www /
Resource Hash: aaffe543bb5a01ce9cab9f9e2d8fc9df9efb721248fd1c49e621d0a91dede90b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

x-version: 9
date: Thu, 11 Jan 2024 10:32:12 GMT
content-encoding: gzip
x-real-ip: 2001:1b60:1010:3:1011:e626:c2f8:a009
server: v/6.7.7/6.5.26/v2fra1-www
age: 514551
x-tata-request-id: 14d20e5436dec7fba84a9514d8d0ff57, 14d20e5436dec7fba84a9514d8d0ff57
vary: Accept-Encoding
x-cache: HIT,v2fra1
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 23468
expires: Thu, 16 Jan 2025 09:28:03 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D57F 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6gbdHw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 affhb.data.js.php Show response
cdn4-hbs.affinitymatrix.com/v5/hvr_bolatimes.com/ 62 KB
21 KB 21ms
21ms Script
application/javascript 2607:fc48:bc4b::bc:238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4-hbs.affinitymatrix.com/v5/hvr_bolatimes.com/affhb.data.js.php?t=17010
Requested by: Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/hvrlib/bolatimes.com/1697457242/v2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:fc48:bc4b::bc:238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
Software: v/6.7.7/6.5.26/v2fra1-www /
Resource Hash: c14b1159bc09d10dc526bdf2125e0be193f29f8ef5b4ac3b0e0989bbc35ea073

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

x-version: 9
date: Wed, 10 Jan 2024 23:45:44 GMT
content-encoding: gzip
x-real-ip: 2001:1b60:1010:3:1011:e626:c2f8:a009
server: v/6.7.7/6.5.26/v2fra1-www
age: 553339
x-tata-request-id: 7c94c866698503230fa49e12aae6de9e, 7c94c866698503230fa49e12aae6de9e
vary: Accept-Encoding
x-cache: HIT,v2fra1
content-type: application/Javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20726
expires: Thu, 16 Jan 2025 09:28:03 GMT

GET
H2 200 prebid7.50.0-651e1d10716b0977277d9a6f2b06a6b1.js Show response
cdn4-hbs.affinitymatrix.com/app/pbjs/2023B/ 300 KB
114 KB 22ms
22ms Script
application/javascript 2607:fc48:bc4b::bc:238
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4-hbs.affinitymatrix.com/app/pbjs/2023B/prebid7.50.0-651e1d10716b0977277d9a6f2b06a6b1.js
Requested by: Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/v5/hvr_bolatimes.com/affhb.data.js.php?t=17010
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:fc48:bc4b::bc:238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
Software: v/6.7.7/6.5.26/v2fra1-www /
Resource Hash: 6f9ff85a9de0b8a6efbb5d31f19ca62eae37cfb1e373e99efdb4f91e366b467a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

x-version: 9
date: Thu, 11 Jan 2024 10:32:16 GMT
content-encoding: gzip
last-modified: Wed, 29 Nov 2023 09:30:27 GMT
server: v/6.7.7/6.5.26/v2fra1-www
age: 514547
x-tata-request-id: 9b7f323420fe05652f807109f39d5e62, 9b7f323420fe05652f807109f39d5e62
x-real-ip: 2001:1b60:1010:3:1011:e626:c2f8:a009
vary: Accept-Encoding
x-cache: HIT,v2fra1
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000,public
accept-ranges: bytes
content-length: 115798
expires: Thu, 16 Jan 2025 09:28:03 GMT

GET
H2 200 cfg.php Show response
hbs.ph.affinity.com/app/ 149 B
359 B 190ms
135ms Script
application/javascript 34.117.1.141
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://hbs.ph.affinity.com/app/cfg.php?d=hvr_bolatimes.com
Requested by: Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/v5/hvr_bolatimes.com/affhb.data.js.php?t=17010
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.1.141 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 141.1.117.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 43d5c793ed71902712a1b0b62b51ef7fcd5265256f494ef4bffaa301454f2930

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 09:28:03 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
vary: Accept-Encoding
content-type: application/Javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
297 B 544ms
295ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bolatimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Access-Control-Allow-Origin: https://www.bolatimes.com
Date: Wed, 17 Jan 2024 09:28:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 90ms
31ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240117

Requested by

Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/app/pbjs/2023B/prebid7.50.0-651e1d10716b0977277d9a6f2b06a6b1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d279a8f3340240ea270cd06bf0a845a4e83671a924833fb7cdb7f9d115d8860d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bolatimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
Content-Type: text/plain

Response headers

date: Wed, 17 Jan 2024 09:28:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19633
x-jsd-version: 1.0.1937
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21940-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"639-fEVUyCOkUkC6Kps16R0PB+wYg0s"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFgFgdaLJwyRHoSJZeCAzhb6roJM9k04SDebh3jv1SNzeagYWMywaGuv5hlApQ8TTbLcxZkDNimGCUIJTgvJgLXETunoBFkUlPI4NnZeEABpbe0GFDKs9QIaGKstMCfZkoaD09A7RCnROZOQb3I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 846d90e12a84996e-FRA

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 54ms
53ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080415
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bolatimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
54ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401110101&jk=4159680668699095&bg=!OzilOHfNAAa8BdJLnAU7ADQBe5WfODWp3NlcwIw-3zHfsq8bZNgybSPt6pXI5-w6YCrr8aw0ApEZWAAqxEut2GuhbC3IAgAAAH1SAAAAAWgBBwoASuKk70kETl351oVXazvCwhYn0xvMTCeh6KEQP4bCuLSMK9RBL5Wi0sGYKKtvAgxDUc-o4YkH-YEahD6SoAu0OOEKgBGgI2A9wMOhmQKweWPEf5Qw_Ut9vntTc_wYwjd7hQH2Cz_XVnYYszsXpql7YYIGdEtyQZQTzoM2MP1gz5_iFYbqcxo3acwBn2EKip_D2b_OD6h1AXLPXnmjJZeOMOgRq1uy_h7VQbEsWxFCR4WrG4QgA0nykA3kbfOMbTEGwAJ7QvJMWbq0XmKYVfTv0FNFSqIsmxlw3HFsInmyjRwNLqq3hhj_vykqfXAINMlz7HF6aQLIEIehakjZu0nUQVI5H1jkJy_mv5st93Mun6ts15PcwtrCNP7PA3qHApnNODgqCnk3O5cWDReM3fG9-cbVE2nrL7kxzJtJK-bRroeh4K-Zw1nhEaDxtF_GfF_UV32VV2645vChZFQsABmCLrCFxIl3CPvL8u0fznr-VKMOMUQt0d3qUx_XbhEO1jcCn6ygdyAeLK8l8FZNPSq5jVWUSk36JterntLymGY1v5NMl6Z9P1uqDeaF6kj8UJBdyyqsnW6xqFrzf4xdNWoia1LBGClGpjdvuFnd_lzTnWOMFnzY8cxOtR5iH6VNS9lhmZW_vrC2fA05klN0e5u-4ZvkJkH0Sqq2X5lHQCj0ZV_azdf4qtDPEjZJyWl8CviQOMXRLKvqO6KkXWnboMQy5PBpkaU99A2QhYuP8_QFSa9pNj58_uLIR25-k5rfUsPZKcECPE3gOZ4ILyQEiKWpdEnASQ8f12tm4Nx5oa0cpJ-aM9gnFWEyNz3sQ8_Whf7DA5qCrkGLBag3GN7M9-RFcza8005fESQmztCD9QavFQFhJu5LWeJYliVCTjJoDksi_u1tsrWu4YuOzrU1FyQ37ajXr01mbBZcYLXAQgY6EiM68CDGuYO7BeU6o1AHbjB_6gkS35auEYUEPGYpV03TzyoMRT8RPQglubkduV3lnQru8w-Wbt3acO6ZVUINjw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5BD2 42 B
64 B 57ms
56ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXKpjGjEONX7N9gSzyZqMAMWGTMMyMelHgvGgNS-OKHOU7BkTmDMWinut7dU7K18r44UMNtkn9P6UlQ0_J7QdPC3J6diUL4DpakY42lqBGSO241neH83qYl-1jYr2mvKRlOrpKI3ss2kbOLXRq5nIXbq8EhTp8QvV3hCCm1HARerlSP_kf3F2qmj6n-X3f2_3u7elphASi1dNghnmSBEhaZFuAEBYLNJIbip60A85DNb_-Sk-JVoyoV1FcmbVpeno3dMbrY9HvL8wnzjlGJu4N5VKD60WcmvXijpRwnW9bNgoMY7dMOXMxgwVdOxhVVfqBd-ayzXl7pvVRUVxK8EMW8TJXUr5CVXM97vwLtyGeEjhyxKi-fzcq-qrnB_9MCIleEafEI3Xg1Q-h8tjoZ_0BQSlbYWbNW7ulE4IKD_RD_bwx21e07noUrAayAzDazVABMjVGFW_cDDIj3Aqhm3WvPTkodYj2otKPN9EkkMeSufux-XEU7D-l6p04MbGPVhWSEHEkIkxo-T4rvYWyAc5hgOUv6VDW7Rs5jawsxiiobXot_kRomDvvvKr_Sm6cG4S6IXk6d4wlTRek6y67ftit9264xkct_7hBWqXEPeWrTduUIxuFLM8AkaoTffjTQivNNZmWc8fZ9kDMUnuKKoUlMSXq3Jj8ZiQY62qcPdUnPdGhUOH0hOCLHDN0NI59j8zJ46KKAYzN0IW4J-F4uvT_nNxGtJy-rtwJioZ7Z8F6wyWp1rQB7SG8pckLN_Iiu4okdYc6MzYQovv_ujewFxG6Lfi5sl5zf2-i8wrWn1HcwRD1ILrVO99IhcXNNCmGSPz0mBgS-xnjIW3E7-d6m2JdZ2YdcSt_2kPDNZWXyR_LYcx0WF4bdE2u7Ha2lkQ34lgI26u6fRdn0_82-cV5AVd6KHwpCr8VdFm2EqoJOxTIvEUbWiHv-0AG_Fj-hjiw7JSxJEdUL98CoOrxHFHPn_Wma3HWEQBh-lWv7LDk9ZMFglu_aV2qjRxIErlSc0AfH5VuLVe5yiF968nRALmmxjKCsWangyFeVZu45J3yBZhVX-O2iU8afinBaW7ytPnROO8J7reUt0PBafzma-n7iqn0esCorA3QL_XKwosRsHRzRBrR_vXWgIY5J89ZqyFUNCiVZTXjX7hCbNpX1mUovNDLTf4oauXHcqVwIbFE24WUli5F_LYopmc32ShDI_zd8_eJGPPfNvS5NMkAFxG-BpZzlZOOqJSNMjGbA4Yq_PI4d53hCzccmMeHFUiTFXUtNnSaeIjFl198mVgX-jpElsx1Dcp6lwWwDMIYsSxrQAKjafczFrnW2asSuB8yK4wa3TEOsCHR7dg6W-wbkZgk4stdGoPTdBiR99XeyjU_eLlazzCJHap_tz7EGkq_Ih5K&sai=AMfl-YTOpWj1zSAGt1JJMsNPs1t3EdZBViTl2IonY6DvAehX7XTYkWr0X6l_w5XAyczBZLWFIc455LyvvmZI0KeImFb81Y_srZlh0zE4FaUs2Lyl8RYFxGnIpKI-kg9fYuoQW6vO8oDFUBqSJfrGyQBjMjQnGCQwCZqKD1-PUPc&sig=Cg0ArKJSzAjr4uEnuiHoEAE&cid=CAQSTwAvHhf_qZ_3r5s0r8Id9EBswlcstECtJoir1guQYl2oFDVLFDkBHUmcKDEyp8LydOhRUjtcBa3ek9lfdLjsVIgOLswG6zOAzlgvnd-tZqIYAQ&id=ampim&o=640,0&d=320,480&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=271&tls=1274&g=100&h=100&tt=1274&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 09:28:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ 8 KB
796 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9adf65831a42d6b34c576e3d84179df9f04eb3cec7747f1350914c40140739a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Jan 2024 09:28:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 09:23:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jan 2024 09:28:04 GMT

GET
H2 200 form-event
c.content-rec.com/ 0
294 B 295ms
259ms Image
text/plain 2606:4700:3037::6815:2eaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.content-rec.com/form-event?event=push_form_requests&nt=test2sec&nf=push_id_bolatimes.com&csid=565612&pr=&muidn=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2eaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=miruXRez7PBp8WHgmKhgGJEiTHtevdlVReY6Zg%2BO9NpFLc6zOWOqzqtJizdLN1RHWPb8FKuiVuHQWQ1SG00fmIH5mxENcvjwn96jpGszmQ5vcqxbHHFgVqqVmb1BBFCNnHMw1I9YQTZgMPlBfAooew%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 846d90e6e83c19af-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
277 B 66ms
20ms Fetch
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

b82156a924667c27e8e9ddb51cdc88678f9a7adca51d09a6b8c6962852571c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

access-control-allow-origin: https://www.bolatimes.com
date: Wed, 17 Jan 2024 09:28:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 v3 Show response
id5-sync.com/gm/ 318 B
601 B 75ms
24ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

9f829a4a8957aa28a294f0e039c7ce18beb40881160b4b3168fa3867fc44c977

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.bolatimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bolatimes.com
date: Wed, 17 Jan 2024 09:28:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 form-event
c.content-rec.com/ 0
292 B 145ms
145ms Image
text/plain 2606:4700:3037::6815:2eaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.content-rec.com/form-event?event=push_form_impressions&nt=test2sec&nf=push_id_bolatimes.com&csid=565612&pr=&muidn=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:2eaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bolatimes.com/
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

date: Wed, 17 Jan 2024 09:28:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVXOyMHH0%2B9WSI7e3yNWJvLUL%2Bzm0JFCoBuoYM7cZ8pl9wJq5OdJr5pJrFIt31gDU74bhsM7DNXiY7H0N%2B5%2BQ4zRofzpPvlSyBa%2BrqUFgFh5anmFnmcZvr4ImVaewRqTJmqWQoCv6fw%2FwLjZWTWY6w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 846d90ecfed419af-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
297 B 123ms
123ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.bolatimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn

Response headers

Access-Control-Allow-Origin: https://www.bolatimes.com
Date: Wed, 17 Jan 2024 09:28:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 27ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-R6NQQ7RXT0&gtm=45je41a0v872195582&_p=1705483681779&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=474442265.1705483682&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&sid=1705483682&sct=1&seg=0&dl=https%3A%2F%2Fwww.bolatimes.com%2F&dt=BolaTimes.com%20-%20Berita%20bola%2C%20Jadwal%2C%20Skor%20%26%20Liga%20Eropa&_s=2&tfd=8084
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6NQQ7RXT0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bolatimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Linux; U; Android 10; id-id; Redmi 9T Build/QKQ1.200830.002) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.116 Mobile Safari/537.36 XiaoMi/MiuiBrowser/12.18.3-gn
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 09:28:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bolatimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bolatimes.com/	1970-01-21 03:20:43	Name: _ga Value: GA1.1.474442265.1705483682
.mgid.com/	1970-01-20 17:44:45	Name: __cf_bm Value: IzYGk2bHCtNMiWc484ZbMBRqNY3GhyNfkPjGNGaLPbA-1705483682-1-ASrJEYRCJxBHkOXmCTFlBY7OoOByZuZkH/9MVIZb5698fZiyvjrJjJlAJR8WIVNFMbTYXPHeMXGxVBxJv8ytfaM=
www.clarity.ms/	1970-01-21 02:30:19	Name: CLID Value: b44936abd6df46cbbe291af1a378ba93.20240117.20250116
.bolatimes.com/	1970-01-21 02:30:19	Name: _clck Value: kssbq4%7C2%7Cfih%7C0%7C1477
.bolatimes.com/	1970-01-21 03:06:19	Name: __gads Value: ID=f20874bbd708892d:T=1705483682:RT=1705483682:S=ALNI_Ma_MVGMJmS_ZX_AGIQZC8xigwUXiw
.bolatimes.com/	1970-01-21 03:06:19	Name: __gpi Value: UID=00000d42d67e8848:T=1705483682:RT=1705483682:S=ALNI_MZ3iD2WghJvD8PDU-5qKpeHQjgNlQ
.doubleclick.net/	1970-01-21 03:06:19	Name: IDE Value: AHWqTUnqw7UE1zY1_TFYIzZJpEpOMbtUti4yQYV0pMqiP3BNCPJkJc-riFzJF-JeYZ8
.bolatimes.com/	1970-01-21 03:20:43	Name: _ga_R6NQQ7RXT0 Value: GS1.1.1705483682.1.0.1705483683.59.0.0
.bolatimes.com/	1970-01-20 17:46:10	Name: _clsk Value: 12xikid%7C1705483683453%7C1%7C1%7Ct.clarity.ms%2Fcollect
.bing.com/	1970-01-21 03:06:19	Name: MUID Value: 2DE7BBA352AF68262E11AFAA530369E3
.c.bing.com/	1970-01-20 17:54:48	Name: MR Value: 0
.c.bing.com/	1970-01-21 03:06:19	Name: SRM_B Value: 2DE7BBA352AF68262E11AFAA530369E3
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 03:06:19	Name: MUID Value: 2DE7BBA352AF68262E11AFAA530369E3
.c.clarity.ms/	1970-01-20 17:54:48	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 17:44:44	Name: ANONCHK Value: 0
www.bolatimes.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1520395%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221705483683685%22%7D%7D
.doubleclick.net/	1970-01-20 17:44:47	Name: DSID Value: NO_DATA
www.bolatimes.com/	1969-12-31 23:59:59	Name: pbjs_debug Value: 0
www.bolatimes.com/	1970-01-20 18:27:55	Name: _pbjs_userid_consent_data Value: 3524755945110770

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3ce9655609b810906cf6ea5894b35fa1.safeframe.googlesyndication.com
ad.doubleclick.net
ads.pubmatic.com
api.realtimely.io
assets.bolatimes.com
c.bing.com
c.clarity.ms
c.content-rec.com
c.mgid.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn4-hbs.affinitymatrix.com
cl.imghosts.com
cm.mgid.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbs.ph.affinity.com
id5-sync.com
js.content-rec.com
jsc.mgid.com
lb.eu-1-id5-sync.com
media.bolatimes.com
pagead2.googlesyndication.com
region1.analytics.google.com
s-img.mgid.com
securepubads.g.doubleclick.net
servicer.mgid.com
stats.g.doubleclick.net
t.clarity.ms
tpc.googlesyndication.com
ua.realtimely.io
www.bolatimes.com
www.clarity.ms
www.google.com
www.google.pt
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.181.230
162.19.138.120
162.19.138.82
2.19.105.180
20.114.189.70
2001:4860:4802:34::36
2606:4700:10::6816:3456
2606:4700:1::6813:854c
2606:4700:20::681a:82c
2606:4700:20::681a:92c
2606:4700:20::ac43:45e2
2606:4700:20::ac43:4696
2606:4700:3037::6815:2eaa
2606:4700:4400::6812:297f
2606:4700::6810:5514
2607:fc48:bc4b::bc:238
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:806::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:4001:811::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9a
2a03:2880:f083:100:face:b00c:0:3
34.117.1.141
68.219.88.97
0c0188c48ab8424aa92ea2893388576c6e4feac9602110dbf6d0458e1dcf22e7
0ee4a9a53f83b9f8120935dc12431a4e12550829b286f9517bdefab9e588ab8e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c523b4abf8abec3d606e4cf0e8e9b2c3c1a8eefd73a7fb2309eae8cec495a22
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
2e4d3f3f59bc618553e087e864449de6cad3b0050c3248d2561f7ffaa8dbbeb4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3354f69c3a6ff57792925385a7969593f09e0101dadb55bf97dfec6b042728b7
37640b5954f36230e01211342e41cc579008800d1577eff1b09bab3bc4bf4317
3928a2dcab0488b8152ae11e0c921f2fe6253fb8bff84192946727b9dba89b9d
39ebe132ee062be461cd19c09bf16b3127efe57ad8116318261354a387b27bfd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
43ce29ef1c839b99411ae19509c524984468d3e5aaefdd1ddd5c071a83bdfa0d
43d5c793ed71902712a1b0b62b51ef7fcd5265256f494ef4bffaa301454f2930
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a19e297f63ca7687739188bd95de5e23f9579a6ca2d363a225d222248cce6aa
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
522e51ad8c59d0cacaf72e3845743630fe2987355f821d25f9f367a8b1974a1e
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a28406dd3e6100bb034d4edad68e012c40c67adf6c2d5846b07f03a494cba94
5a2cce9bf3a1ebbc6a503114c4ad2be8bd69b290c2509a643a26f262db78e7c2
5a6037ee36e12c835b5d0ca5cd9a7dbadd5ef96d1e1c3288ce3b1e2ab4275ec1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626b2f1912024d79bac21c46608ad6a540107eec0dc38e96656a36309f957bde
652d463e59f6d950519948c80bbf4a4b4cd0510a3eaa8cae88c7a89ab55c95b1
677e82e25404550de66bc0556dc5607d07177827ae3a1f068042e2d136bdc65d
6f9ff85a9de0b8a6efbb5d31f19ca62eae37cfb1e373e99efdb4f91e366b467a
713eba67d5f8708d4396c5a20f65311902f5b78fc16ca9553d4d8a6e0a03079e
73d93ddafbdf32e6f0ec4f821aa0ef63dbb3f42b0e84a1285eaf9defcd201c3b
75a1e4ac708279113188d3cc1ead90e26be77a36a318e31ea6ac90e64071ebe6
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5
7b051e91c4152250e78940e4bccae03d710d4e26a24f4bcb405291d9b75bd2a0
7ba6e3c47b4f1c47dda40197507821d846b754ea60635cc285d7f5071aac45f1
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74
8730aafbdb6d03c6d4a37f76ebf8d504d5706fbae56686399a4b198981a0b6be
8c22a6212be994340f4c26e41749fa22d0eb814452213dd296b9d941dd23f531
91bd1bed04bf7c9c79870574441ffe764438969775f92b13e1d6afebbe746b89
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95ef3768ec0f5da28f4b121793f4f71d60b411c53569b19aa2a48cead3c3c7a7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9adf65831a42d6b34c576e3d84179df9f04eb3cec7747f1350914c40140739a5
9f829a4a8957aa28a294f0e039c7ce18beb40881160b4b3168fa3867fc44c977
a59dbbaf76601fd9e60e691b0ea48fe2165721ab5ea6e52a405f3c4b8f7325b1
a63fc1ddc963bb7b1fa84264c2d2650dd951ff93719bd7a9569c2ab632f49d99
a648b4edb645170f54d219ca6e4a5b22857fea489e8fc07d9e2799383d0640a2
a68b24fd2534e81e7d1082ac8f1372aa04b8297b34408b1cfc6618cf67f6cce7
a93f3a7b1db7eb0303f77958ca59a40730546db9e739b627f70c0146b71a5b75
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaffe543bb5a01ce9cab9f9e2d8fc9df9efb721248fd1c49e621d0a91dede90b
b017b0b1b555c3060c11db3eaab79c7c53a04a79bf8163e7e97df778fba1bc55
b518609a41c8b83bbc5f874b8d24bbf2d8a0f36b2acb36533a0444572312f8d7
b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686
b82156a924667c27e8e9ddb51cdc88678f9a7adca51d09a6b8c6962852571c4c
bd9a6192274f8f2f3ce31cd3d2cae5ebe32e2fa86fc7c4f60a3c28556e496d56
c14b1159bc09d10dc526bdf2125e0be193f29f8ef5b4ac3b0e0989bbc35ea073
c3b53536facfed547d2c1809944ea7c227b43e3e7ae6c833c461066a1d158545
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
c6f5e506db19cb972a8173e9a44a15402ee87b6fc3dac64e399a0215f58698f0
c8a3d032d94db8f60853f5a39961c932478db631047c8f161fcb3b9fad6df968
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
d279a8f3340240ea270cd06bf0a845a4e83671a924833fb7cdb7f9d115d8860d
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d58c1999b63cfefffc036f41c41d8be5a138543184b4b47a748b2a76e1813fb5
d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17
ddebfcb22d9e99627cee53848161a63c327765d7f941aba2f52d12765c670171
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e39a073ca78f3a0c3c3d9a8158f45a92d1fc89cf253a39f3d326b88d070a243a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea337489d1e2bbf6435156aeb12fd357458ce9080a592418898ab096725f4535
ec64a04d4c7052028ceab87233a31c4f194cfdd11ff26c2316f8ef83398dc5cf
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f693ec2ba7a412b69a5a6d596147e44371eab08470662e197c71ab96329460
f30706f6f7b483dea438968b354d5329358eda60a7f5b0c864576b12e4d1c769
f3971f682e1cdd324bc639f47ea2efc1e4cd4188f55efe418e3ccfceec44dbf3
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f4eb24688aed0a7b80c9a4b77701bbfd68259c126ddd64943ed72ece80325f7c
fa03e14db9e4a4f968fb0ab7eafa9a90dd7ed860cf809fe1557fba126bf34380
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322

www.bolatimes.com Open in urlscan Pro 2606:4700:20::ac43:45e2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

114 Requests

96 %HTTPS

80 %IPv6

23 Domains

41 Subdomains

34 IPs

4 Countries

3312 kBTransfer

6257 kBSize

20 Cookies

20 Outgoing links

Page URL History

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bolatimes.com Open in urlscan Pro
2606:4700:20::ac43:45e2 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

96 %
HTTPS

80 %
IPv6

23
Domains

41
Subdomains

34
IPs

4
Countries

3312 kB
Transfer

6257 kB
Size

20
Cookies

114 HTTP transactions
2 data transactions