urlscan.io logo urlscan.io
SecurityTrails logo

www.bolatimes.com Open in urlscan Pro
172.67.69.226  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.bolatimes.com/
Effective URL: https://www.bolatimes.com/
Submission: On November 17 via manual from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 47 IPs in 5 countries across 36 domains to perform 309 HTTP transactions. The main IP is 172.67.69.226, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bolatimes.com.
TLS certificate: Issued by GTS CA 1P5 on September 29th 2023. Valid for: 3 months.
This is the only time www.bolatimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.26.9.44 13335 (CLOUDFLAR...)
55 172.67.69.226 13335 (CLOUDFLAR...)
3 74.125.130.95 15169 (GOOGLE)
2 104.26.10.188 13335 (CLOUDFLAR...)
8 172.253.118.157 15169 (GOOGLE)
3 142.251.10.97 15169 (GOOGLE)
3 142.251.10.84 15169 (GOOGLE)
3 104.18.216.65 13335 (CLOUDFLAR...)
3 142.251.175.94 15169 (GOOGLE)
2 157.240.235.1 32934 (FACEBOOK)
3 13.107.246.70 8075 (MICROSOFT...)
2 74.125.68.101 15169 (GOOGLE)
1 142.251.175.157 15169 (GOOGLE)
1 74.125.68.94 15169 (GOOGLE)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 182.161.73.129 55569 (CRITEO-AS...)
1 13.224.250.104 16509 (AMAZON-02)
1 13.33.89.72 16509 (AMAZON-02)
1 104.22.53.86 13335 (CLOUDFLAR...)
2 151.101.1.229 54113 (FASTLY)
38 74.125.68.132 15169 (GOOGLE)
4 64.185.181.238 40009 (BITGRAVITY)
8 142.251.10.156 15169 (GOOGLE)
6 74.125.68.156 15169 (GOOGLE)
47 74.125.130.155 15169 (GOOGLE)
43 64.233.170.149 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 54.251.97.106 16509 (AMAZON-02)
2 182.161.73.136 55569 (CRITEO-AS...)
1 162.19.138.83 16276 (OVH)
1 136.243.84.75 24940 (HETZNER-AS)
16 22 64.233.170.154 15169 (GOOGLE)
15 25 172.64.151.101 13335 (CLOUDFLAR...)
15 20 103.43.90.54 29990 (ASN-APPNEX)
8 172.217.194.149 15169 (GOOGLE)
3 23.44.1.119 16625 (AKAMAI-AS)
5 35.244.159.8 15169 (GOOGLE)
2 142.251.12.155 15169 (GOOGLE)
4 20.119.174.243 8075 (MICROSOFT...)
1 66.225.223.31 23352 (SERVERCEN...)
1 23.108.101.160 59253 (LEASEWEB-...)
2 2 3.33.220.150 16509 (AMAZON-02)
1 1 124.146.153.169 2514 (INFOSPHER...)
2 2 13.33.88.98 16509 (AMAZON-02)
9 104.17.202.110 13335 (CLOUDFLAR...)
1 34.96.68.18 396982 (GOOGLE-CL...)
1 2 20.125.62.241 8075 (MICROSOFT...)
1 1 13.107.21.200 8068 (MICROSOFT...)
1 142.251.175.106 15169 (GOOGLE)
309 47
1    104.26.9.44 (None, )

ASN13335 (CLOUDFLARENET, US)
www.bolatimes.com
55    172.67.69.226 (United States)

ASN13335 (CLOUDFLARENET, US)
www.bolatimes.com
assets.bolatimes.com
media.bolatimes.com
3    74.125.130.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f95.1e100.net
fonts.googleapis.com
2    104.26.10.188 (None, )

ASN13335 (CLOUDFLARENET, US)
ua.realtimely.io
api.realtimely.io
8    172.253.118.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f157.1e100.net
securepubads.g.doubleclick.net
3    142.251.10.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f97.1e100.net
www.googletagmanager.com
3    142.251.10.84 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f84.1e100.net
accounts.google.com
3    104.18.216.65 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.izooto.com
3    142.251.175.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f94.1e100.net
fonts.gstatic.com
2    157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net
connect.facebook.net
3    13.107.246.70 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    74.125.68.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f101.1e100.net
analytics.google.com
1    142.251.175.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f157.1e100.net
stats.g.doubleclick.net
1    74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net
www.google.com.sg
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    13.224.250.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-104.sin52.r.cloudfront.net
tags.crwdcntrl.net
1    13.33.89.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-89-72.sin2.r.cloudfront.net
cdn.prod.uidapi.com
1    104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    151.101.1.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
38    74.125.68.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f132.1e100.net
7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
tpc.googlesyndication.com
4    64.185.181.238 (United States)

ASN40009 (BITGRAVITY, US)
PTR: pc-b.bitgravity.com
cdn4-hbs.affinitymatrix.com
8    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
www.googletagservices.com
6    74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net
googleads.g.doubleclick.net
47    74.125.130.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f155.1e100.net
pagead2.googlesyndication.com
43    64.233.170.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f149.1e100.net
s0.2mdn.net
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    54.251.97.106 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-97-106.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
id5-sync.com
1    136.243.84.75 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.75.84.243.136.clients.your-server.de
go.rcvlinks.com
22    64.233.170.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f154.1e100.net
cm.g.doubleclick.net
25    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
20    103.43.90.54 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
8    172.217.194.149 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f149.1e100.net
ad.doubleclick.net
3    23.44.1.119 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-1-119.deploy.static.akamaitechnologies.com
widgets.outbrain.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
jp-u.openx.net
2    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
googleads4.g.doubleclick.net
4    20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
r.clarity.ms
1    66.225.223.31 (Sacramento, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: sa.outbrain.com
stas.outbrain.com
1    23.108.101.160 (Jurong Town, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
b1t-sindc1.zemanta.com
2    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    124.146.153.169 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    13.33.88.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-98.sin2.r.cloudfront.net
cr-p3.ladsp.com
9    104.17.202.110 (None, )

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
1    34.96.68.18 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 18.68.96.34.bc.googleusercontent.com
hbs.ph.affinity.com
2    20.125.62.241 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    142.251.175.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f106.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
85 googlesyndication.com
7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
545 KB
56 bolatimes.com
www.bolatimes.com
assets.bolatimes.com
media.bolatimes.com
880 KB
47 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
ad.doubleclick.net — Cisco Umbrella Rank: 154
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
393 KB
43 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
1 MB
25 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
12 KB
20 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
15 KB
9 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 8923
147 KB
9 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 827
r.clarity.ms — Cisco Umbrella Rank: 7598
c.clarity.ms — Cisco Umbrella Rank: 1405
29 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
512 KB
7 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
us-u.openx.net — Cisco Umbrella Rank: 522
jp-u.openx.net — Cisco Umbrella Rank: 14175
2 KB
6 google.com
accounts.google.com — Cisco Umbrella Rank: 24
analytics.google.com — Cisco Umbrella Rank: 157
www.google.com — Cisco Umbrella Rank: 2
81 KB
4 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1799
stas.outbrain.com — Cisco Umbrella Rank: 3551
14 KB
4 affinitymatrix.com
cdn4-hbs.affinitymatrix.com — Cisco Umbrella Rank: 41898
155 KB
3 gstatic.com
fonts.gstatic.com
24 KB
3 izooto.com
cdn.izooto.com — Cisco Umbrella Rank: 17609
77 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
254 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25841
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
719 B
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
6 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
2 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
34 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
13 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
88 KB
2 realtimely.io
ua.realtimely.io — Cisco Umbrella Rank: 68810
api.realtimely.io — Cisco Umbrella Rank: 66284
2 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
760 B
1 affinity.com
hbs.ph.affinity.com — Cisco Umbrella Rank: 43201
356 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
855 B
1 zemanta.com
b1t-sindc1.zemanta.com — Cisco Umbrella Rank: 35739
151 B
1 rcvlinks.com
go.rcvlinks.com — Cisco Umbrella Rank: 417699
147 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
13 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1383
5 KB
1 google.com.sg
www.google.com.sg — Cisco Umbrella Rank: 13407
408 B
309 36
Domain Requested by
47 pagead2.googlesyndication.com 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
www.bolatimes.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
s0.2mdn.net
securepubads.g.doubleclick.net
www.google.com
43 s0.2mdn.net www.bolatimes.com
s0.2mdn.net
7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
32 media.bolatimes.com www.bolatimes.com
31 tpc.googlesyndication.com 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
www.bolatimes.com
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
25 dsum-sec.casalemedia.com 15 redirects googleads.g.doubleclick.net
22 cm.g.doubleclick.net 16 redirects googleads.g.doubleclick.net
google-bidout-d.openx.net
22 assets.bolatimes.com www.bolatimes.com
20 ib.adnxs.com 15 redirects googleads.g.doubleclick.net
9 c.bannerflow.net s0.2mdn.net
c.bannerflow.net
8 ad.doubleclick.net www.bolatimes.com
8 www.googletagservices.com securepubads.g.doubleclick.net
7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
www.bolatimes.com
8 securepubads.g.doubleclick.net www.bolatimes.com
securepubads.g.doubleclick.net
www.googletagservices.com
7 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 googleads.g.doubleclick.net 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
pagead2.googlesyndication.com
4 r.clarity.ms www.clarity.ms
4 cdn4-hbs.affinitymatrix.com www.bolatimes.com
cdn4-hbs.affinitymatrix.com
3 widgets.outbrain.com www.bolatimes.com
widgets.outbrain.com
7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
3 www.clarity.ms www.bolatimes.com
www.clarity.ms
3 fonts.gstatic.com fonts.googleapis.com
3 cdn.izooto.com www.bolatimes.com
cdn.izooto.com
3 accounts.google.com www.bolatimes.com
accounts.google.com
3 www.googletagmanager.com www.bolatimes.com
www.googletagmanager.com
3 fonts.googleapis.com www.bolatimes.com
7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
2 c.clarity.ms 1 redirects
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net google-bidout-d.openx.net
2 us-u.openx.net google-bidout-d.openx.net
2 match.adsrvr.org 2 redirects
2 googleads4.g.doubleclick.net www.bolatimes.com
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 oajs.openx.net 1 redirects www.bolatimes.com
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
cdn4-hbs.affinitymatrix.com
2 analytics.google.com www.googletagmanager.com
2 connect.facebook.net www.bolatimes.com
connect.facebook.net
2 www.bolatimes.com 1 redirects
1 www.google.com tpc.googlesyndication.com
1 c.bing.com 1 redirects
1 hbs.ph.affinity.com cdn4-hbs.affinitymatrix.com
1 tg.socdm.com 1 redirects
1 b1t-sindc1.zemanta.com 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
1 stas.outbrain.com 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 go.rcvlinks.com www.bolatimes.com
1 id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 www.google.com.sg www.bolatimes.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 api.realtimely.io www.bolatimes.com
1 ua.realtimely.io www.bolatimes.com
309 56
Subject Issuer Validity Valid
bolatimes.com
GTS CA 1P5		 2023-09-29 -
2023-12-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
realtimely.io
GTS CA 1P5		 2023-10-26 -
2024-01-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-14 -
2024-05-13		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-26 -
2023-11-24		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-29 -
2024-08-29		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.com.sg
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.affinitymatrix.com
Go Daddy Secure Certificate Authority - G2		 2023-05-17 -
2024-05-16		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
rcvlinks.com
R3		 2023-11-16 -
2024-02-14		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
*.ph.affinity.com
Go Daddy Secure Certificate Authority - G2		 2023-04-10 -
2024-04-16		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 38 frames:

Primary Page: https://www.bolatimes.com/
Frame ID: A0F4F6F95DE6D02E11147F3ABCFB058D
Requests: 108 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 92597B8B85305542AB6C77311F9F94AD
Requests: 1 HTTP requests in this frame

Frame: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2ABADF08DAB825DD27A0615A53A78C76
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuD2PoWhvM0n08O_tQpNeTSYt_E45RG0PnnHxnzTho2E6DAdfiIRyJdRrk4r2M54uOQZekxBjAP1ATh3XrumwXllHheiUyWDk9nY5g693U6QWOm8GGVVZri7mMwneBc7L-0Iv0piblWw_tKut-omwEFH7IZ8Q6vM3H8sE4ycjw2T5bw11TsHxqVReqymdC9xT6_ewRiMureVSwYubM0Jy9-nXqUAAyYK3kg_lWIGk6-kXGRpnD7HeEkKlvZp2z9GJfIDbItXe9vetid7yOzCe_UxHpJt3hyMSUOXW-JCujrggp7BzEdTttsmrtVnQQfZ1TuWtUNsCmRjMUXww&sai=AMfl-YR2JvLzPSv-ZcveqJK7LZ8_sTfrM6AHUwjDb0mWb3ZDzCcmRIR_dhAdlM1FdzHJgzH4hrfCixJVvUY1FR-T3QNsb3bsU8_vFt8h5PhbW-n_lKqaip6MSdT1FwiMGImtiyCPOrB8ZJ3ZbI77F50b-dk&sig=Cg0ArKJSzIyWl9SXnYw9EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5FD272B350F8E5FC44B88933D3E9AA87
Requests: 4 HTTP requests in this frame

Frame: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 38C45D9711C8656118011DC60581ED78
Requests: 20 HTTP requests in this frame

Frame: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1FF111FBE5609371FC74AA468C222348
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1BusVx0hBErRDG92Uhqa6YRg1FWtD0g14LD_5lwvCbt1HGJ_WZbFXHehDYpGGF_S0vaFw5pz8MiI3B1j77tlxbMo_PuEqLylNOKjsNb_lP3emRQjz6fDXgaqr6SD8ufr54UMcnr135T6ICAemW_RnSSZ2EAPuQrFZAuxXkvWaDnhkMEOItLWHpA-dmOi8NXr7_fVxvwyfScN9wgWH1ZSRHxXjPXEPbyWLHRyUFtVQBNOR_Z7Wavepd5uW4MejN-31Gcc9CQfzzcr9nkx5XadLw_hz1Gyqz-2qb8-ppOrBtNB6hrESgEKGWxNiLh6kCXNsZvp3E9VuhjY4hMdKheJfEn3YJjljP4wvhzSsYCXXIh8k31g7lg&sai=AMfl-YQ4P6-0kwep_roDVxzSqtRuW5evCGwCaK_8_xYAYz6YdPejtk1eBoOSPQHKsWzqKhMVu4RcjTlumhfQeza_3NLI0LxOA3F66SKcSr_8OgjjvWP4yPYDDD5bjDGMA_XTFAglT-cqHkBjxFY9Fux8GpY&sig=Cg0ArKJSzBJCim1Rzr0vEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1708F43236EECB44914141066E158434
Requests: 5 HTTP requests in this frame

Frame: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3612188D580E5CBF466A58C043A3D1E5
Requests: 13 HTTP requests in this frame

Frame: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A3931998EDB0D8F64E122D7D7F8CA344
Requests: 1 HTTP requests in this frame

Frame: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 95621CD4FBB40826A0907082E2EA45DD
Requests: 13 HTTP requests in this frame

Frame: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ED6D8AA6B45270BC9075216C97BD4DD6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNXhTfbjFXzXn4zg5i7kAjoQB5pTvqOGG4Mlh4LqDOqbIGn9O7VvnKEMRhxnnkR8msRNisxwmhwERn8fjtjKsQo_FA0rxw
Frame ID: E4BF070D82B9FBFA90E2594383A1F682
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGPnfh_0BMAE&v=APEucNWtUJoGZywPOjyk1SRhsXjNhJ-7ndyMr7Y4-_xVWx110x8QqF8coBHGD0wr0POI8ajolp13CLD-tTqece01NfOi9p99Cg
Frame ID: 8B286CB16C5059C07968C8EE7B802AC2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGLPeh_0BMAE&v=APEucNVvJA9fy290XPjg6ky2ihp0je8YrXo7vwT9KCO9J8HYqdFQ2XmQ0brfswBf-NWWA3-TLXXnmchejS-DwSE17IVhGb5kvA
Frame ID: 1083905DC5585B4205B7689873D4AA5A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGIzih_0BMAE&v=APEucNWqbnp_Ef6qbnKLDOYD6_nWTPRQrzWzphNXS7eIZ9OAOnXfPCU-Jm3PVrbunq4-eIxeyuNeVLgsFKEHCT8uSzRIQNNQMg
Frame ID: 829B0DAA0AF6FD8F07F2ED7821BF7614
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGIzih_0BMAE&v=APEucNU1iUpc8Pf8nohVTWVqqvloiMI5pmKyZhDbFKzlcLhhzQUD4K6WRM3dNd9bAlA4qnff-6fiwbQamBeHMU0ONc9pDpZ9EQ
Frame ID: EF76F923B7208792BEEBAAEE725D8A25
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 94E8C6DD943C900EE9AB91F0708AA579
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 953E67DFA6D11A9D203445D6C0AC036C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 168CBC88025C9A54C3B3D2C122A4C19B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C33480864614F4B26E25EED5E7665C93
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bolatimes.com
Frame ID: E5BD08CBAFE3E8F7772FED34B4C4A08A
Requests: 2 HTTP requests in this frame

Frame: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BC7DCBBBA117116447E5A2AF30162535
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13248889957521765018/index.html?e=69&leftOffset=0&topOffset=0&c=wqf3CJvcPn&t=1&renderingType=2&ev=01_250
Frame ID: 9FB0A20F4832712C8EB66100D875F729
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9615721082864171147/index.html?e=69&leftOffset=0&topOffset=0&c=QrNF7Pkd6E&t=1&renderingType=2&ev=01_250
Frame ID: 8446EB1621ADA437401AFE37804311C3
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=wJ1CSJ6MIU&t=1&renderingType=2&ev=01_250
Frame ID: 949D6273A3B526D179066B3DA2680EF4
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=Oih8PdIIYT&t=1&renderingType=2&ev=01_250
Frame ID: A3AE4B19E2A04AEFDB93770D585DC962
Requests: 10 HTTP requests in this frame

Frame: https://widgets.outbrain.com/n2d/widget/widget.js
Frame ID: EAC49121BBDCE1C153A94FE4DD949449
Requests: 9 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 0B256A52397F66ED40F9E226E64703BE
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DED06FBA14B76F1C85C5567952460F84
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16031603795926450176/SG_Oil_Price-1-Singapore-970x250-638333200396802132-8d6f58ae-9447-4aca-bf13-ad5da8eb240a.html?ev=01_250
Frame ID: 813917011F48954201241117BB5F33C3
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: 11A07AE0E9759515D42351491A3F7770
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: 40B66946D6F3E767E27C2A51E78DAB68
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: 8C0CAD4E0DFF731B0E85BF829E521972
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: E4F89360A6E999066AD6CAE5B3BF1FB1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 64ABC4F99C4319FF61B1B1C1933BC751
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7815E9F8BCBE2DDE3037F030749D1E2E
Requests: 2 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/bb2673b0-7ffa-49dc-a61d-ae6032fbc3e4
Frame ID: 7A7D5473733DCFE7072D05B48F5FB07E
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2F8e085100-2ec3-4466-95ca-48db100aab04.png&w=587&h=331&q=90&f=webp&rt=contain
Frame ID: 25AB79D5347AC9C120D3D4DEC8CDC31B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BolaTimes.com - Berita bola, Jadwal, Skor & Liga Eropa

Page URL History Show full URLs

  1. http://www.bolatimes.com/ HTTP 301
    https://www.bolatimes.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.izooto\.\w+
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

309
Requests

91 %
HTTPS

0 %
IPv6

36
Domains

56
Subdomains

47
IPs

5
Countries

4488 kB
Transfer

10636 kB
Size

43
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.bolatimes.com/ HTTP 301
    https://www.bolatimes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 125
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bolatimes.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bolatimes.com%2F&rid=esp&cc=1
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
Request Chain 164
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVbRw2Y0.xdbJmbNjddT8QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
Request Chain 165
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA3BeuVn4lrAwDVLdMERmIM&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
Request Chain 166
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTczMzg4MTM1NDY4Mzc0MA%3D%3D
Request Chain 167
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
Request Chain 168
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVbRw2Y0.xdbJmbNjddT8QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA3BeuVn4lrAwDVLdMERmIM&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
Request Chain 170
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTczMzg4MTM1NDY4Mzc0MA%3D%3D
Request Chain 171
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
Request Chain 172
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVbRw2Y0.xdbJmbNjddT8QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA3BeuVn4lrAwDVLdMERmIM&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
Request Chain 174
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTEzMzAwNzU4Mjk0MjQ1ODM0Nw%3D%3D
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
Request Chain 176
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVbRw2Y0.xdbJmbNjddT8QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
Request Chain 177
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA3BeuVn4lrAwDVLdMERmIM&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
Request Chain 178
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTczMzg4MTM1NDY4Mzc0MA%3D%3D
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
Request Chain 180
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVbRw2Y0.xdbJmbNjddT8QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
Request Chain 181
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA3BeuVn4lrAwDVLdMERmIM&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
Request Chain 182
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTczMzg4MTM1NDY4Mzc0MA%3D%3D
Request Chain 221
  • https://match.adsrvr.org/track/cmf/openx?oxid=c4bad944-a401-7ddd-f8ed-9b52c65130c8&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=c4bad944-a401-7ddd-f8ed-9b52c65130c8&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=9c6d2cff-2cb8-4a99-ab65-fb92ad7d63c8&ttd_puid=c4bad944-a401-7ddd-f8ed-9b52c65130c8&gdpr=0&gdpr_consent=
Request Chain 222
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZVbRxMCo8YIAAGWIMaUAAAAA
Request Chain 223
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARqfFl_Mly07ks8AD7ImPUCEm88AAAGL2yNpGQ
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFo3pIl_wVSbK68pY9qCHNA&google_cver=1
Request Chain 286
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F66BE12D1ECC4353B98948E83D90707B&RedC=c.clarity.ms&MXFR=23015500ABB063D22AC846CCAFB06D1E HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F66BE12D1ECC4353B98948E83D90707B&MUID=0F9DA9A4801762490A7ABA6881226374

309 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bolatimes.com/
Redirect Chain
  • http://www.bolatimes.com/
  • https://www.bolatimes.com/
119 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c3f53a13c8c4c7316c306ca86eacdb672a0873b7b1cf03a616c3a96a09f5e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
max-age=30
cf-cache-status
DYNAMIC
cf-ray
8274968b7bb4604b-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 02:36:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDxmYobVn2rRk%2BDvRRQHxHZXB4w72tDh2D5AOdlS2%2FPk46PP1OxhK69U5rh8wr0RaBYdrTwhHGos%2BItdW4QLtf31JIhVSmOVGiRIl5Vs5LnL0kaWMrCmCuo78cGg1uQRFfiC"}],"group":"cf-nel","max_age":604800}
s-device-type
desktop
server
cloudflare
via
1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
x-amz-cf-id
54xLhJNmB4dsN5vris-THh3RU5c5Ou7UyDo_xruN_0m1muq0TiZPmA==
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
827496862f0b3fd6-SIN
Connection
keep-alive
Content-Type
text/html
Date
Fri, 17 Nov 2023 02:36:46 GMT
Location
https://www.bolatimes.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YkkikEzmnKGg%2F3B8a0idRvInccEcDOcoBXo%2FtSxIcNZxB25lHWwIKxUqv4nBZr96gjf3fvSmFSlln%2BSCoLGlMludhtwIyINCp%2FCUujDzdJmdrhmhuldSAuF4iIbV7D8QjVe"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
KmnwaUjtX4Chu0XG46DpK5h2nQPYa0UCos2n5y9-_89fLGHuzG049A==
X-Amz-Cf-Pop
SIN2-P1
X-Cache
Redirect from cloudfront
css
fonts.googleapis.com/ 		3 KB
924 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,600,700&display=swap
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
ESF /
Resource Hash
95188bc9aceb2c3e68cb324c980ac550dee7ed5bf80eda5571ff98252b0f4cec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 02:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 00:48:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 02:36:48 GMT
css2
fonts.googleapis.com/ 		3 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
ESF /
Resource Hash
01ceac19d4db649328dab8cb759c7bcba6e3ca9f3605723bc0fdd80c1c4d2c2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 02:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 00:48:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 02:36:48 GMT
mainv3.css
assets.bolatimes.com/frontend/css/ 		62 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.bolatimes.com/frontend/css/mainv3.css
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2badd7715dce54238a7b8cb1d0a25e7e605e6fe5756c22705b2fd24bcc40bdb3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 10 Sep 2023 10:07:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3350
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2B%2BfYlQa2O%2Fw80120dQZSbP91qIAV%2Fq00RkVMV4MSqXh8gD3SfhutHyeYC5bOu8iShUfQJgv9qS4RWv712Jm13EkqsoywLFZzs9LMxu2Gqa3AISyE5rxk4Tqne5boPn0UjhZHdLa"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8274968e3ea7604b-SIN
script.js
ua.realtimely.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ua.realtimely.io/script.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3b53536facfed547d2c1809944ea7c227b43e3e7ae6c833c461066a1d158545

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5330
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 08 Oct 2023 07:39:41 GMT
server
cloudflare
etag
W/"65225cbd-fd3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euRKoUtIgQb5%2BAGjgRrxtQRoEZTuCPEWKcldcAvLl1XqJWoe2DBP50rOnggPYXJV5g4lzDNehB4kEPqkBuWofCz3%2Fcss%2BPy2Lk2iZ976tut5qyuFTPshhr7jaSYVIyic4Ro%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=57600
cf-ray
827496969fae3f58-SIN
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		101 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
d1815d23640fc8171f027670c9ecb1e6855c46150ed0882da26979f3cc78274a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31769
x-xss-protection
0
server
cafe
etag
983 / 19678 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:36:49 GMT
js
www.googletagmanager.com/gtag/ 		266 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R6NQQ7RXT0
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
13f06a9dbf669edbb825ab6b8f114959e92d3c9beebb4136a33354a7cb66102a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91602
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 02:36:49 GMT
gtm.js
www.googletagmanager.com/ 		211 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MFVNJ45
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
0e4944585b03c55d5c6170e78cbeed0f6591d57df8248a08c6fc20d3014c0138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75913
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Nov 2023 02:36:49 GMT
jquery-3.6.0.min.js
assets.bolatimes.com/frontend/js/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bolatimes.com/frontend/js/jquery-3.6.0.min.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Nov 2021 03:33:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3350
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnEq5Lp9Gur4YQpbCMSCK5PbEAw%2FEwwX%2BJklmK7LR%2Bz9hHytZKtX9vvqmJzRnF2ts2Q7tE32biCEZzqbA2ASO6PlyWa65e0iaSTTblbYJUWpKsntajAyQjJiPr04kzhyGAr%2FwIFB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8274968e6ed5604b-SIN
main_less.js
assets.bolatimes.com/frontend/js/ 		2 KB
715 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bolatimes.com/frontend/js/main_less.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
497606174d33144abb9db14fde55cca26e006f8141db8cfe2dac34c78585efd1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Sep 2023 07:44:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3350
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JS7RDmqbafaRphnW2TWbixPMatqqZUp2stXI8GbhsyvMhLi00tOaEnMHDJ%2FFtbmMFIjeRayqwzSb7y9LF3EGcDcKKHQiBoQMWqKdV8AQagiBmO2BUjnT8DfW1kIhexPbjNsOE1o"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8274968e6ed7604b-SIN
sso2.js
assets.bolatimes.com/frontend/js/ 		1 KB
769 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bolatimes.com/frontend/js/sso2.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e86d5daba4248268210690a10bb5024dfc0e186c742c192c7ca58b8f682487

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Sep 2023 06:28:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3350
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLOKKeT9t1heaSm0hBxhAR2Zs%2FCeLmdafg1BqTdWIk2%2FZcK9SbDpe7fp6e7lKcq3CJ1MU%2Fx1lhytrfEpNs6ReWj4MAB8OE4yvZpAELc7y7uBaVtG8SKRrQTFyoipYLSjF9JaBRKl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8274968e6ed8604b-SIN
client
accounts.google.com/gsi/ 		199 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f84.1e100.net
Software
ESF /
Resource Hash
7fd234bce7d54c4abd3da8eac793fca19a96ad314383832a848ec407a14507e7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-rYPDvlAqwkppuyYAkquUuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-rYPDvlAqwkppuyYAkquUuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 17 Nov 2023 02:36:49 GMT
handle.onetap.min.js
assets.bolatimes.com/frontend/js/ 		868 B
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bolatimes.com/frontend/js/handle.onetap.min.js?v=5
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a149142e7aba6801f84579262b984d0c6a2b6704c0e7b4cff4eba3e976c40e1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Sep 2023 06:28:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3350
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xym47zl5lY1IPmi13GAIlzZ6t2eGSfulAGrxQ%2Fxnp%2FE9ai0ER4f%2FjWFuk0qVtPdW%2FBqpXvVZJPOT4mIaoj%2BLbSbNyRlgce3VwFGhqi57%2F%2Bwnkysnr10EuJ%2ByCuPDa3bQfB5R68uQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8274968e6ed9604b-SIN
4884cdd3865bfa28e0cc689b8cb854f5876ffbde.js
cdn.izooto.com/scripts/ 		882 B
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/4884cdd3865bfa28e0cc689b8cb854f5876ffbde.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.216.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
414405a41dc818b5d2d5fbf03f51c04177651c751cf3d0fca72804b7b3fed16c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 28 Feb 2023 06:49:58 GMT
server
cloudflare
age
694815
etag
W/"63fda416-372"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
82749696cbbf3fc3-SIN
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 02:36:49 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f94.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bolatimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:42:46 GMT
x-content-type-options
nosniff
age
28443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 18:42:46 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f94.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bolatimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 17:45:53 GMT
x-content-type-options
nosniff
age
31856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 17:45:53 GMT
arkadia.png
assets.bolatimes.com/frontend/images/icons-other-portal/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bolatimes.com/frontend/images/icons-other-portal/arkadia.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ab16bc4cc5661dd1dadfd18645375a49b40e64e48a80cc38601f44028d58576

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 02:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yszIfNpuKH5XuZuJzHZYppGfi%2FdQtLY9U6MzmuPsqk3uOabSavXE7DCqRLikXgN0B4lMjueJtZ7T9jhUkWLIVkW4DTjwpi8YpqeeJ5CRtJbOmk1ndjBNtCyqrwPfi4OTi2NxtYzN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
827496934c95604b-SIN
content-length
3341
suara.png
assets.bolatimes.com/frontend/images/icons-other-portal/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bolatimes.com/frontend/images/icons-other-portal/suara.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
022f6f7dd1ac8af8f705771edd61e4be32f38eb80c0637410394fb2ee6465fa1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 02:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvIph9t6T7ajx75alkigNxqpLuRO703BvrZLPpNYSyqTUMto6sWjsetfMGSMqAfOHawQocc6W8ZiYZwSLfuMhYg5YX9AsnAg7SjKWAxbEgoV%2BmQUPb9zCn40F2%2BcZRbMV1ebkZ8J"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
827496934c9d604b-SIN
content-length
1802
mata-mata.png
assets.bolatimes.com/frontend/images/icons-other-portal/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bolatimes.com/frontend/images/icons-other-portal/mata-mata.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db364bd307c0f2eb2796af082aae339f1acb86846639246a93b95d988ec0cbf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 02:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngI6Id3LXO5RYGmCv0YKMfjZ1Xv0A4wtbfQZtTYHmYWRsiM4%2B%2Beg8t6Llt9SkCex8bBEZC7jvQM3HCoS7WSa4YZoac1Scua5ohJjFYNrtM0zYS58ope%2FD3PwZecTgvKK6CcPccil"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
827496934c90604b-SIN
content-length
1322
bolatimes.png
assets.bolatimes.com/frontend/images/icons-other-portal/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bolatimes.com/frontend/images/icons-other-portal/bolatimes.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6939394fb7890464c374a886ef09e2287d5bc9c43a6a64910b2f40b8b982eb6f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 02:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNuOgS%2FivFmcbj5wrjfz%2BFEpgkXmdAz4CN7Yi0VqHHZGqHqiZXktVr%2BFodF8hGsiROiWeX7tPHugCg%2BiWGhp6djt%2FmAxwSGgGYx0Ut%2BEXXYpMKyuFy5NskqT205VC2mAVqVPtjs3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
827496934c9f604b-SIN
content-length
1184
hitekno.png
assets.bolatimes.com/frontend/images/icons-other-portal/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bolatimes.com/frontend/images/icons-other-portal/hitekno.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc012a02cfc5bc22cba65e9156b6c7a5210e3bfa7ecdc124efbbbd5ec5fa2cb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 02:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tquF3awU0GndU592aptKHlOubEUXXlXUsdZyTCUfhOazgAkxg0QwMyVWTmLmTd1%2B6XQJ6gTUMuz2%2BKnhxnEscS8xUv6%2FPT5OlNK2xsOSPpdoaQJ1hVPwTjkc0oXrcuKsvuLrmkWt"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
827496934c91604b-SIN
content-length
1133
dewiku.png
assets.bolatimes.com/frontend/images/icons-other-portal/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bolatimes.com/frontend/images/icons-other-portal/dewiku.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa4cca798ded68e410f3069603182923249372c3f8205ff49811dddba47caeb9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 02:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZA%2FmHSFXp4l7DgsQNN3OKpxJJHvMVfaAVQRARapCCqyUWSWbnGWEgpdZEPZ1Zk4RyQoBQtFHAbsYVloGrOy%2FUqXDue0J2Wj7N2f2WlCoEz8vww0JWm8%2BsB4rE6Jf9%2Bhjt02Qr5tz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
827496934ca0604b-SIN
content-length
1114
mobimoto.png
assets.bolatimes.com/frontend/images/icons-other-portal/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bolatimes.com/frontend/images/icons-other-portal/mobimoto.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
955f06de08c6d6562a4bddc57f57129005d84264e91b663b68cca5163b83f17c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 02:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnxUM%2FMu%2Bkf09RrzB4ZBI0SMK%2BZB9ywZmfINEOJooBm31MrVwbuSQj%2BwQO2DKu%2FAQXqwlahk1jtidLgle%2BJBgVWi%2FlCOUp%2BGzLyPWscDo5pWNAcc5OH95oF0JS48c7eENy5DyQ8F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
827496934c8e604b-SIN
content-length
1310
guideku.png
assets.bolatimes.com/frontend/images/icons-other-portal/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bolatimes.com/frontend/images/icons-other-portal/guideku.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60bdd0c41950428372a1d5404e8768303b97ad34ceb588d63d4cd731cb8eb753

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 02:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2F0RlS%2BdPsRzw5Dff%2FLpqjLRigxsEog8rXV188m32ugKdKVdqmrVANjWzPJPJ4cdJx8RHktXTTKuaaDAjF4951m2TY5Sb%2BWhAdAOm9Zqwdn%2FMZtO3yupeSgeIZ5DuXpVomYYJJRk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
827496934c94604b-SIN
content-length
1031
himedik.png
assets.bolatimes.com/frontend/images/icons-other-portal/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bolatimes.com/frontend/images/icons-other-portal/himedik.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66056beb2d56a9a3ed2f5625ee14615945ed8cf536254a8480de89fc5825b9c5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 02:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxMwxFufkUsZ%2BgbuevsSyuzlRaCyz3qHd8dZFQ1en8302waUUt3HW8kisjWvS%2B%2BNCbDApE08xcgjvY8XGWtHMDzU%2FvnvKkQnztfx1QTNTPHEnnI%2BEY8GfO8dqHg8viRhPHz%2FaiMe"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
827496934c8f604b-SIN
content-length
1088
iklandisini.png
assets.bolatimes.com/frontend/images/icons-other-portal/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bolatimes.com/frontend/images/icons-other-portal/iklandisini.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13014e5fd092f117122d19b5f12c3cba054a840a01a7ab6173bbc68e17fffc43

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 02:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P05RaXPP0biO3zTd7ag04TbOq7aP4XWnXE55HDNarFPsY6656lS38tw%2FcMG1P%2BhoZgbVq6lDBOkR6nmFaeG5YvwXO9R6SUJLjOLPPo5FXXyHdOqIPFocDBDbSK8Pf0EKyREBSnzE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
827496934c92604b-SIN
content-length
2033
serbada.png
assets.bolatimes.com/frontend/images/icons-other-portal/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bolatimes.com/frontend/images/icons-other-portal/serbada.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac987c576c16eb10e5220b449c01f51b6e1aa3fda5d7fdc63eb32ad55d1c0a2a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 02:59:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXOKVDTvJVQ2aES93OLPVsgHQ6NppvFqX4onMsTeqmq0gFAAQLd9HwPieGTGAUHzV2H0KxViq6wqKm2DggzcHRrVKb8CF7KeIZF92d3DtWfaEi6H7AOQlU6acY8JQ0V7ZNQQVqb8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
827496934c9e604b-SIN
content-length
1070
logo-bolatimes.png
assets.bolatimes.com/frontend/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bolatimes.com/frontend/images/logo-bolatimes.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6f5e506db19cb972a8173e9a44a15402ee87b6fc3dac64e399a0215f58698f0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Feb 2021 14:48:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YiImTaIfoRmGB0PVbkP0gXnGAQyHVqbUL20BXR4Jz2%2BOBGUJ2o1yhk09Bd9MDc6LfW01dlK73EhbrezYy%2Fa7dg85TCFuOBv4%2F0GG0%2B1pzYatZvjw2N0HSWRruMaB4OirLfIwheAx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
827496934c8c604b-SIN
content-length
18383
fb.svg
assets.bolatimes.com/frontend/images/icons/ 		875 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bolatimes.com/frontend/images/icons/fb.svg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48a5159607c80af03b7dff8b73fb9d0f22b3497c66f4d1495ce935f4f6f9895

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 02:59:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jB6cmoL73Ggrq9Vg60Z5nU4zXQh1QEEJ%2FQkBW1ZXJxIN8946x5KN5E4cMsmaDe6kXRXADuP9sYpmoi5gNy2cVmXym8gE7ME8gfQnimxB1x5lkRraPhhlC6Zi7r6boNWYVjyFo8QG"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
827496934c9c604b-SIN
twt.svg
assets.bolatimes.com/frontend/images/icons/ 		889 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bolatimes.com/frontend/images/icons/twt.svg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0beec731432cea38fcac5f80f1bc773aeb80661ad593aa56cbe4cedb961f0d91

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 02:59:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RI8qH4LFRuQvERXduqez%2FwTNXm5Q5GTidHrqmltwA8NIfzIZZOodJcSy2uEcG8j%2BjJ5P7s915gmRu3nHQYxyEAiNbVGqYyczlfHYTjw7%2Fm2r9V84rJ%2FPp65pTU4GTYigXAabRIyZ"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
827496934ca2604b-SIN
yt.svg
assets.bolatimes.com/frontend/images/icons/ 		552 B
684 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bolatimes.com/frontend/images/icons/yt.svg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acb2f8a39e99cead3e9c3bfe90ea5a9e5c6c26bbb22819a6ea962873b94fd161

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 02:59:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuHJcrFe%2Bml3j7BX%2B4DbmgHE5v4I%2FOv%2BapRmXf%2FHFBHNG8mCPsDQbefnqchjIylJrQi5udQcfIQtm4Teu%2FU3sdYWI6kB0cuRdcf3T6OAqSoUGY3QeRH7O7zmsiNEWTOWXgVp%2FaJ2"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
827496934ca1604b-SIN
ig.svg
assets.bolatimes.com/frontend/images/icons/ 		41 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bolatimes.com/frontend/images/icons/ig.svg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe27ef09a2cb7e29eb5d5e9cf0d49c9b439e7dd13520d5a5fa30ba5e20dd8c45

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 02:59:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PB%2F350Nx35SrU1WiuMcdbIMRauIkvzjTwhxaE10tGJvZz0n5xgd3fYIxFKuc7upJZedO2rCPWoEAxkhKLeQvyXluUDeDdkPVf7VFbtXgKZU8YWK3fZAnet3oHgxN6KBRrKW2bexr"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
827496934c97604b-SIN
user.svg
assets.bolatimes.com/frontend/images/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bolatimes.com/frontend/images/icons/user.svg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a2de0540b0ee3d53c1869982e1565527cbcf6725858ac2051abff71870c0df

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 02:59:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRwIW1Sb%2FvUZnARNU43XleetiI%2FLt2JP37VJgBW1SOFPVxzU8AZq%2Ba6mshjC%2F8AYsxaZ3%2Bd4vn8MZAgQ2GFUoRzond3ncnnvVfph7g%2BZ6B0gXuqkzr%2FylRoYod%2Fhk7OUOmcJ0Y7H"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
827496934c9b604b-SIN
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f94.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bolatimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:42:57 GMT
x-content-type-options
nosniff
age
28432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 18:42:57 GMT
730x480-img-41950-logo-persib-bandung-dok-persibcoid.jpg
media.bolatimes.com/thumbs/2019/12/28/41950-logo-persib-bandung-dok-persibcoid/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2019/12/28/41950-logo-persib-bandung-dok-persibcoid/730x480-img-41950-logo-persib-bandung-dok-persibcoid.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e69f4169373eb4a6bab8d5fcdbfd63402d5cd44cc108bf9e3b8effd3d78ef934

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
via
1.1 91085d9a0810fca6dacd51dae7dd6a32.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
147992
x-amz-cf-pop
SIN5-C1
x-cache
Hit from cloudfront
content-length
40391
cf-bgj
h2pri
last-modified
Thu, 11 Feb 2021 17:37:09 GMT
x-amz-meta-s3cmd-attrs
uid:33/gname:www-data/uname:www-data/gid:33/mode:33188/mtime:1577503629/atime:1613033632/md5:8ec0b1e585639f0a52d60dcaa8c9165b/ctime:1577503629
server
cloudflare
etag
"8ec0b1e585639f0a52d60dcaa8c9165b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrQlsrUl2ZVI1N3rmVrcnPPNuQgXaA%2Fg35VLn5vmcIC9jyMetC98kbMx8u8PKFoIfCs8dQkpqXutib6%2F5emA33K7wp4l9tBOF0qKtFfEBmX5qxOBLunZlp8plfi55JJOAVS%2BlJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496936cc1604b-SIN
x-amz-cf-id
uiV_pS7gO17bkxPrIoKdNY7EySt4-Ek1RBcYD0x7kzzc3-rxQtEv1g==
350x230-img-51862-skuad-indonesia-u-17.jpg
media.bolatimes.com/thumbs/2023/11/16/51862-skuad-indonesia-u-17/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/11/16/51862-skuad-indonesia-u-17/350x230-img-51862-skuad-indonesia-u-17.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63b1ccec6d465e0bdf78e40b558dca30a96c7aa698b36b99ab786e2d5e0331b0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
via
1.1 4bc700d87dc12c5b9fe83b91ddd63bea.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67498
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
38742
cf-bgj
h2pri
last-modified
Thu, 16 Nov 2023 07:46:32 GMT
server
cloudflare
etag
"029c0e266f2d0b75136b6e542f089331"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jS3%2FxKPvhUpShQQt2apj8Xi3%2Fe9U0AD7mbPW32Q2dWUS4vCCQEngdZM0uoKNXNNRK2SBwL5fhQvpsY3Kwgd4v7sR96j32W8WBK2yDWOcNvNm5LRr5DUelKBpmj2GV3GKMBRBLb0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496936cc8604b-SIN
x-amz-cf-id
cv6eBShBpwuCMiamEeLTBMR8upmO8FqBQnCUaLSdYmgx9sN6rtfhiA==
350x230-img-60563-pelatih-maroko-u-17-said-chiba.jpg
media.bolatimes.com/thumbs/2023/11/14/60563-pelatih-maroko-u-17-said-chiba/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/11/14/60563-pelatih-maroko-u-17-said-chiba/350x230-img-60563-pelatih-maroko-u-17-said-chiba.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78effafe5fa6937673744b3f1c6d050ab815b361589f4555ff555d819d5c1046

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
via
1.1 1a95269c34e986ace2bf21962deb2db4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
233250
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15258
cf-bgj
h2pri
last-modified
Tue, 14 Nov 2023 09:29:28 GMT
server
cloudflare
etag
"9cb53648a5bc3be603454329d98fb9d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5k2Xsoixs3zw1Up0oJIezqkn4p6X05ymGd4Z8PRkmcbd8H2y2Cvjq3mJRS4Qu6%2F4DJklEIrwFumG6pUPDBTAWRevLLbBxrygemBEPkpXcWG8MtuHyXfhyBoTIua9qgcMSwqVvRk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496936cba604b-SIN
x-amz-cf-id
jDtLffzvUMWRdbGJsQ8EqqtiN0jNFb5ojxu-e523-tkdAzmP9ygu6g==
350x230-img-19220-selebrasi-haaland.jpg
media.bolatimes.com/thumbs/2023/11/13/19220-selebrasi-haaland/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/11/13/19220-selebrasi-haaland/350x230-img-19220-selebrasi-haaland.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95073c2532dce629e8ce366186746616e57a98dcccd00f9184b62ca501bd5516

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
via
1.1 dcb42c70bda10759ea456b517bba08fa.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
SIN5-C1
age
367130
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
32875
cf-bgj
h2pri
last-modified
Sun, 12 Nov 2023 20:37:58 GMT
server
cloudflare
etag
"d4fa5dacad6c34de022c32c452140501"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRS6l4jTYnkwflTcUAAlp1%2BAC7fmwZtFg2RoOsMyTrmILJ2Z%2Fef6eHv0zfmlttWcJ2cfttAbgQxA3OnYVOSrQTrcZ8z%2B2CNd9cJaoL4SuX2itBz0ZLkDBulGmL3wVx%2BXdctvmbo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496936cc3604b-SIN
x-amz-cf-id
spH501svaVC4PfZB56wmzAmD3lb7lkTg4JHZPTZjJWwcjcWbxdbbCw==
350x230-img-26520-liga-inggris.jpg
media.bolatimes.com/thumbs/2023/11/13/26520-liga-inggris/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/11/13/26520-liga-inggris/350x230-img-26520-liga-inggris.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
685f33d71548130c8fed8a9c0d02f21e5a3337d163f3a2f11f0be64641169dda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
SIN5-C1
age
366720
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
31031
cf-bgj
h2pri
last-modified
Sun, 12 Nov 2023 20:44:48 GMT
server
cloudflare
etag
"e5214c84f94a759dc74f44b3bcf9874c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McWUMK4P%2BJugaWduQ0POska6IReDK0wcghQPmPpcnHjUcWKCCL6H8gLRIapR7kxE%2F3g3jjX1FoCohFlZViNr7FDR3bn%2F1AFHN2%2BrRjZ5u8qXd6bf0tUxoXPo7LWbA%2B7OTzzrp4I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
8274969768dd604b-SIN
x-amz-cf-id
6mLQbzApAo3gMvNMhInXnzCo0lCajFygQb_2BSulKmYo2bPq_fV9sA==
350x230-img-69585-pemain-liverpool-alexis-mac-allister.jpg
media.bolatimes.com/thumbs/2023/09/03/69585-pemain-liverpool-alexis-mac-allister/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/09/03/69585-pemain-liverpool-alexis-mac-allister/350x230-img-69585-pemain-liverpool-alexis-mac-allister.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21fae736a19509fcd0afa37d4d95a3cea5d43e7f3f3ded30aacf6a7fb61c3c61

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 ae495479ab117e6473f411eb6dd0ba98.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90045
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22845
cf-bgj
h2pri
last-modified
Sun, 03 Sep 2023 02:57:20 GMT
server
cloudflare
etag
"6659f865d81a6f66ea12b9708ee02877"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OeQF87u%2B%2BWxlrXQPfKGErWEzcAoKJ0DR82hm9uL3Cw0q%2F7U3QVmrWU378df2fRxTlCctwGKXbJKZ9B0H%2FB%2BL9OfBSe3uCWQsX7TP%2BQOhJx0jSVFYbspbI41KIND87SSXrCkxeM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
8274969778ee604b-SIN
x-amz-cf-id
mYvyIcdwU2ATdT-EI7drDM-YLOhSZRe0i_Y1fQ5qYonAJTb-kZ2hmA==
350x230-img-60792-pemain-manchester-city-erling-haaland-cetak-dua-gol-ke-gawang-burnley-di-liga-inggris-2023-2034.jpg
media.bolatimes.com/thumbs/2023/08/12/60792-pemain-manchester-city-erling-haaland-cetak-dua-gol-ke-gawang-burnley-di-liga-inggris-2023-2034/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/08/12/60792-pemain-manchester-city-erling-haaland-cetak-dua-gol-ke-gawang-burnley-di-liga-inggris-2023-2034/350x230-img-60792-pemain-manchester-city-erling-haaland-cetak-dua-gol-ke-gawang-burnley-di-liga-inggris-2023-2034.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6d6f6347d1fc692a06339d5ceda1bd12482667b475f1e7b9d6ef50440afb9b2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 1728256c36c9016e0b9379e91a1c2e68.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
349713
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
10391
cf-bgj
h2pri
last-modified
Fri, 11 Aug 2023 23:18:08 GMT
server
cloudflare
etag
"8a2c77827226f5b112a8eb39b362f96c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2l9JvHZzm6jbcLuXpAlOgTDoTrL1Z7w4LiQ4%2BIM8tYX2DO8ra%2BPCVY6nagE4j%2Bk5UokC6INq64ipsInHysLXuY0%2FyJPZCooRrCoTgOnR9a6w6QgP%2FgHwgEp%2F1XuDBUpBRpXDis%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
8274969778f0604b-SIN
x-amz-cf-id
EpARFET0-VN3BbO8G7iUine9p3-QZtqjHtWrE4QjyAO2Esw7f4xTrA==
350x230-img-18895-lionel-messi-antar-inter-miami-juara-piala-liga-2023.jpg
media.bolatimes.com/thumbs/2023/08/22/18895-lionel-messi-antar-inter-miami-juara-piala-liga-2023/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/08/22/18895-lionel-messi-antar-inter-miami-juara-piala-liga-2023/350x230-img-18895-lionel-messi-antar-inter-miami-juara-piala-liga-2023.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c893184b2a702bbf1caf35d14b9c43d08335d9365927ff9489437d84709ab7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 dc82e67c3cbbf5963a8de3bcf19baccc.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
696916
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
19959
cf-bgj
h2pri
last-modified
Tue, 22 Aug 2023 02:23:40 GMT
server
cloudflare
etag
"449a9d9c2d4bac1dfde6e26c9dbb4024"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7srt0aUEuBIyZrTwmAkpIgfPawrO847OUWfNABihCCxAYyt%2BV014U%2F%2FL6j1Mj%2F3jFZ1suxHBzvu%2F1Gb7rPaumrg3lO44vVqusQTZAMSjAf520t3AY7Rge%2FJTAtMSZegsIIsXZI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
8274969778f1604b-SIN
x-amz-cf-id
Y5y47e7IrLXMBPgB_9s4hZpA0ud-ufL7PLiExzWHRS1doyeI703r_w==
350x230-img-57560-asnawi-mangkualam-timnas.jpg
media.bolatimes.com/thumbs/2023/11/16/57560-asnawi-mangkualam-timnas/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/11/16/57560-asnawi-mangkualam-timnas/350x230-img-57560-asnawi-mangkualam-timnas.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0c4c665f7471b3299d1eda0d2da8ee602283aa327b4b9bc92956560eb800146

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 ae495479ab117e6473f411eb6dd0ba98.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12056
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24738
cf-bgj
h2pri
last-modified
Thu, 16 Nov 2023 16:57:59 GMT
server
cloudflare
etag
"c87e4c40f84e97effc257c403b6ab540"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0k4SdP4oLdx4jpupOeYo%2BvR4fu87Jjsbw6RdS2oNEf1v5XbiipEXdc14QJDUpcpUV7ZspvqGoIPbzzzz%2B0JW5I2u02IU0NQYHdrXqtX0fgpyELgfaWlg3%2BiSJSAeD%2BV2mymtyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
82749697c945604b-SIN
x-amz-cf-id
z3R0172XsrnpMxy9fn6QTlZJefgeVbgalLdw6CSr7Z0XjQqkOYh7Sw==
350x230-img-55355-erick-thohir-dan-shin-tae-yong.jpg
media.bolatimes.com/thumbs/2023/06/14/55355-erick-thohir-dan-shin-tae-yong/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/06/14/55355-erick-thohir-dan-shin-tae-yong/350x230-img-55355-erick-thohir-dan-shin-tae-yong.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be75ae335143362caabb6af5ce1dda1c40c5abb5f1f96ec4b8bdf658a2cde1ad

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 6744df903aaebd8a225f5410dbe17efc.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
SIN5-C1
age
35549
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
14839
cf-bgj
h2pri
last-modified
Wed, 14 Jun 2023 08:00:33 GMT
server
cloudflare
etag
"6ebc4dcfad03baac03063b85f8c7021e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KhKCZqkfc8n7tPEOrwxtqJzqvbGbuChoRxgyGf9V9O0DezbHMzeobpEy%2FV6KyGeNgsGKSP5liifVOxM5etxNzHwAvHNXcUgkfD1nNfx0SixuDxAk8JBpBzaU%2FmRzD%2Bt010rkaA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
82749697c953604b-SIN
x-amz-cf-id
q5bLZ4zBav0EtUHAx__Xj1nXpPRw-0loBxn3iWfbJLpoOeQFSqjjNg==
350x230-img-68175-ketua-umum-pssi-erick-thohir-saat-dijumpai-awak-media-di-jakarta-rabu-572023.jpg
media.bolatimes.com/thumbs/2023/07/05/68175-ketua-umum-pssi-erick-thohir-saat-dijumpai-awak-media-di-jakarta-rabu-572023/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/07/05/68175-ketua-umum-pssi-erick-thohir-saat-dijumpai-awak-media-di-jakarta-rabu-572023/350x230-img-68175-ketua-umum-pssi-erick-thohir-saat-dijumpai-awak-media-di-jakarta-rabu-572023.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56714a79fb1573b83ae8252ff9dfa33614869a90123d09486b2bda5791dd5711

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 1728256c36c9016e0b9379e91a1c2e68.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
107118
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
16778
cf-bgj
h2pri
last-modified
Wed, 05 Jul 2023 10:32:46 GMT
server
cloudflare
etag
"a4738deaab42c7fce6b8a6ef0c33d078"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8uF0d5ONq9hrAX1%2BSe6OE%2Fk4X91705U3XHlyEgL1iSb12r8Y7C2RHzPIyI9RzEjmI7gRJNpNZE7ucM2N5x8wgP4MgmsQ1N868OYxVnDmHOzaKXw%2FRoHW6Dy0wnsTMuQ%2F3d3x4k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496980988604b-SIN
x-amz-cf-id
_EocPfYsiN6ezOdzxx_PNtB1q6iMD2yzHsg3vFWymATqmWF6iqL4fg==
350x230-img-50734-latihan-resmi-timnas-indonesia-di-stadion-internasional-basra.jpg
media.bolatimes.com/thumbs/2023/11/16/50734-latihan-resmi-timnas-indonesia-di-stadion-internasional-basra/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/11/16/50734-latihan-resmi-timnas-indonesia-di-stadion-internasional-basra/350x230-img-50734-latihan-resmi-timnas-indonesia-di-stadion-internasional-basra.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87640fac50c7946537f86ff5c35077f41c56695bb321aba556913dbe4eb1c03c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 1728256c36c9016e0b9379e91a1c2e68.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82289
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26636
cf-bgj
h2pri
last-modified
Thu, 16 Nov 2023 03:28:34 GMT
server
cloudflare
etag
"b4925f14811f2d08613b20d76a3ddd40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWd%2FiEzbfaHvdJKSfjTSuFabaBIGX5rfICdpnWWDzHBqPlEn3T3a9ndSY8Q2IC0qnIkNKyNEha9y0m4AziVQ8ZO42Vvtfw%2FOvdoC1PadzYfHr33c9WsHQ3VoSRMrMrTeImwVAPE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496981997604b-SIN
x-amz-cf-id
Exmgfr6EPXRRIz698Bqg-g6B0yKZo9XQuvKcryd58WED5WJzaRb2_Q==
350x230-img-20179-timnas-indonesia.jpg
media.bolatimes.com/thumbs/2023/11/16/20179-timnas-indonesia/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/11/16/20179-timnas-indonesia/350x230-img-20179-timnas-indonesia.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa57b3b5dde5f6620c6110f91bd2bff612aad0f96b37df7240dfe48f2b76d973

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
SIN5-C1
age
49566
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
25368
cf-bgj
h2pri
last-modified
Thu, 16 Nov 2023 12:50:40 GMT
server
cloudflare
etag
"a3fe52fe7c493945a29cebb1c8b9239f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfTvqu4QkFOZCXIHkROaF813vseGBb0A6xQX7dwRvJg4%2BVtDvnM8Jod2pJo2JceHAMSFaq0moCNPHacfUlODMtEbbZlxxZeKDjXponE4XQtMCtwVeytPwkbmt4nIjWx4dOzQonY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496981998604b-SIN
x-amz-cf-id
t1WQyKXybVbS7H30p0_szhhByjT02H6EUN_Jb-Phy9DqICwZDEKsTw==
350x230-img-81629-ragnar-oratmangoen-dan-erick-thohir.jpg
media.bolatimes.com/thumbs/2023/11/16/81629-ragnar-oratmangoen-dan-erick-thohir/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/11/16/81629-ragnar-oratmangoen-dan-erick-thohir/350x230-img-81629-ragnar-oratmangoen-dan-erick-thohir.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
049d976322215b1e62d79b945454ce6529e2f0b5fbd571e4ffab7c948b01275a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 7d8cd6b1cab0712d291c381dc839b042.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
SIN5-C1
age
68371
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
21830
cf-bgj
h2pri
last-modified
Thu, 16 Nov 2023 07:37:17 GMT
server
cloudflare
etag
"07e46f62f3bfef0dbe803fd91683affe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BDFb1z6ueVihic5ZiKy5tL6y7nhM8aqd4E5wCOpsrajDR6WfxMQxYMd6IpIuyGdbL9jP%2F8xev3zb1tOZORHKWgA0%2BAB4W7glQ3hL9Mq%2FX5nP8UZLVOLLZhRrOUHHnvaxL8HffI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
82749698199a604b-SIN
x-amz-cf-id
GlTBpypOjKiNZlgcthtJYjbiRcKEx9V5bgsdTxPf3kJ8e6ek1Ry14w==
350x230-img-36337-persib-bandung-di-liga-1-20232024.jpg
media.bolatimes.com/thumbs/2023/07/26/36337-persib-bandung-di-liga-1-20232024/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/07/26/36337-persib-bandung-di-liga-1-20232024/350x230-img-36337-persib-bandung-di-liga-1-20232024.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbd5dd5bc37546ce434f80d93c5e21800ffbc1c2e055c524afc79542a7b2707b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 80a9a66193c3e6350d12faf1c397c974.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
539259
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26405
cf-bgj
h2pri
last-modified
Wed, 26 Jul 2023 07:54:06 GMT
server
cloudflare
etag
"8d19aebbdbc0e6f7c19fc7110d815e81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzgFLScIgTnRjIJF%2BoSNSKpBmkW%2FJuSijUl3K%2F6ya2lNU9wD8lo5MuVfXQRvVWloSE6mGo0gOPL5c5SPCqDRzbaSvawYHXJFtYe4Fvkm0MR2wDdNXlcwqxvpMSelwyk4%2B9XH8Z4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
8274969869ee604b-SIN
x-amz-cf-id
gPjvLNwikdMVnUftZg_OOIVu6YimZOLEq6r3U9ss6BMV-q__sInOjg==
350x230-img-11474-pemain-keturunan-indonesia-thom-haye-instagramthomhaye.jpg
media.bolatimes.com/thumbs/2022/01/10/11474-pemain-keturunan-indonesia-thom-haye-instagramthomhaye/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2022/01/10/11474-pemain-keturunan-indonesia-thom-haye-instagramthomhaye/350x230-img-11474-pemain-keturunan-indonesia-thom-haye-instagramthomhaye.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a77e112010ee980f3df9c5e16b729081cb091d6c34bb77c1c86b7d17c3442397

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 7d8cd6b1cab0712d291c381dc839b042.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
131987
x-amz-cf-pop
SIN5-C1
x-cache
Hit from cloudfront
content-length
16069
cf-bgj
h2pri
last-modified
Mon, 10 Jan 2022 08:01:10 GMT
server
cloudflare
etag
"4b7291f253d1bb87db29ddeb4ef16894"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJi9lddO3v62FVMyN%2B9lQG4NHuP%2F6uir3jGa2chBdwd9%2FVvp%2BXx5p5J4%2BmbPBgcgSQ2kLZHaFWKaqti7QbEgJEYwyLfk1xNbA9uFipwFp5fV%2BryUUgPzqLyssr14Ueuae9N3duw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
8274969879ff604b-SIN
x-amz-cf-id
Bn4Lh8J4lzzjwQyVjayqiSAuOwSuGbOlOzdEC7G1HjY74RtB4b2qAg==
350x230-img-33644-timnas-indonesia.jpg
media.bolatimes.com/thumbs/2023/11/16/33644-timnas-indonesia/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/11/16/33644-timnas-indonesia/350x230-img-33644-timnas-indonesia.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9e4729145657d2eeb3c920013da34a3b6d382849057f7449ff91caa5732543e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 1a95269c34e986ace2bf21962deb2db4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65594
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24163
cf-bgj
h2pri
last-modified
Thu, 16 Nov 2023 08:07:04 GMT
server
cloudflare
etag
"0f633b80570dfd07b5b6f4b6d60d44fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=be2gIkkNLX7t6J3Qa2Pho9FHDTAbsxLpr%2FXtkDVS6%2BAdn0jfM1zEfaZ34WsK99LwnV%2B%2F2SHD%2BKfCqFw5gtchXgUanqqGQOWS5atbcUj%2B1VPBGXX2HSJFXn9oWs909VeRTYPu2iY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
82749698aa4a604b-SIN
x-amz-cf-id
ZK5cF3zk4VuaRYFWIu4dmCpYSd2loPG7cdcyw2mce9rvv_AUgK49Pg==
350x230-img-70332-link-live-streaming-piala-dunia-u-17-indonesia-vs-panama-pssi.jpg
media.bolatimes.com/thumbs/2023/11/13/70332-link-live-streaming-piala-dunia-u-17-indonesia-vs-panama-pssi/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/11/13/70332-link-live-streaming-piala-dunia-u-17-indonesia-vs-panama-pssi/350x230-img-70332-link-live-streaming-piala-dunia-u-17-indonesia-vs-panama-pssi.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c56e30b774781a2960137fafcab7d54984a0e8a35012972254ec199623af59d1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
312484
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24359
cf-bgj
h2pri
last-modified
Mon, 13 Nov 2023 07:46:11 GMT
server
cloudflare
etag
"72b7b60efee0babc47138cee329584f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WI%2F1j%2BZhbM5CllF3iBcXdvjPtnpJE%2FHWQ62M7hLXOhYvtqpLkn1eVGlz7KaEx9O4qaT%2F4bMlmQYta%2B6crmXubSkcvwY6qGNa%2FjD8xcu%2BLgM5IUXkZR28FG1N1XYzyqAZercLse8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
82749698ba79604b-SIN
x-amz-cf-id
OWssvTBuAdI_6tlu_ki5aNqyDe8obrRWXt6sKMj-H1-f03JkPNlB0A==
350x230-img-98684-evan-dimas.jpg
media.bolatimes.com/thumbs/2023/11/14/98684-evan-dimas/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/11/14/98684-evan-dimas/350x230-img-98684-evan-dimas.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d3466b28fe4248a142419874d4008ca890b223f265c466e2c94900fcbd2ce6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 f2f73edfafc086543441bca742024226.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
253253
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30256
cf-bgj
h2pri
last-modified
Tue, 14 Nov 2023 03:31:24 GMT
server
cloudflare
etag
"3ba011ddb1f49055cd0a4b7f0bb4425b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEqRhONGEwCfoAv6VDzlJOZC%2BP5ojX%2FNnZ8p3XD7izACPl%2BoTbeSF0Hekn2dB8Vmo2RCTPszZuAjN2BFTa7S%2Bst05ydSOE959bwnS4XUDqzIxSOEO6peX41IH3ClayxKNTbWxv0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
82749698ba7c604b-SIN
x-amz-cf-id
AhCD5_fa11AVy2JgDAEoeHac7kKgmc7Eb9ewAzWDd0V_ZU-oIFHhvw==
350x230-img-92306-timnas-filipina-di-piala-asia-2019.jpg
media.bolatimes.com/thumbs/2023/09/05/92306-timnas-filipina-di-piala-asia-2019/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/09/05/92306-timnas-filipina-di-piala-asia-2019/350x230-img-92306-timnas-filipina-di-piala-asia-2019.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab6a4b24914043e50e5be2a01c4829b2cc8ad6f6e6ebed76d77634a56b02453c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 6744df903aaebd8a225f5410dbe17efc.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1382958
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
34417
cf-bgj
h2pri
last-modified
Tue, 05 Sep 2023 06:27:29 GMT
server
cloudflare
etag
"9fb699183ca93d65a7f849e58f5bbf71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6okI6Wb4dlW4DoZhAXXLZxQDrKWIJ%2BH3SzL9mdMEgyPJ5x10GN4jP9pySKOWbY2HwUMW%2F3uYbLgPXSiy0kyy6lI6hW9B%2BR4rG6H%2BbVEam%2Ftc3VbKkBkJdIcKKvOJu6kcAE%2Fml%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
82749698ca92604b-SIN
x-amz-cf-id
nxKzkXARvrCTZxtSExb2BUkkxkuOHw-9jhHOvyhKV5xVKO3wMuSX6Q==
350x230-img-11333-supachok-sarachat-saat-debut-bersama-consadole-sapporo-di-liga-jepang-2022-instagramatsupachok-19.jpg
media.bolatimes.com/thumbs/2022/09/12/11333-supachok-sarachat-saat-debut-bersama-consadole-sapporo-di-liga-jepang-2022-instagramatsupachok-19/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2022/09/12/11333-supachok-sarachat-saat-debut-bersama-consadole-sapporo-di-liga-jepang-2022-instagramatsupachok-19/350x230-img-11333-supachok-sarachat-saat-debut-bersama-consadole-sapporo-di-liga-jepang-2022-instagramatsupachok-19.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
787b56142db4c0a5e6fb21531944e1dca215e14d02867fe40a326b26d08995a4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
865724
x-amz-cf-pop
SIN5-C1
x-cache
Hit from cloudfront
content-length
11589
cf-bgj
h2pri
last-modified
Mon, 12 Sep 2022 01:37:06 GMT
server
cloudflare
etag
"76ca0d76a86a965b5ced1ccfb66c0d4e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vtup%2FqrDDCulgikbVgRENDRUiJDnVXQ3ZM6oQNI9pBJSVYU209nc9qEJbCpsMPFOtaYGWUHvgxfqJS4pGoF2ocRs51ZvOYWkYm%2Bb3L%2BxNz%2FwZHYmo8Bw6DWVozEntD%2BvMB5RsJc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496990aca604b-SIN
x-amz-cf-id
9JtswlkmtD0AJ2vTfaCbklv2vHfUhzWy6zWtWYPUi0k2ofovfdjkcg==
350x230-img-33609-pemain-timnas-malaysia-luqman-hakim-shamsudin.jpg
media.bolatimes.com/thumbs/2022/05/23/33609-pemain-timnas-malaysia-luqman-hakim-shamsudin/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2022/05/23/33609-pemain-timnas-malaysia-luqman-hakim-shamsudin/350x230-img-33609-pemain-timnas-malaysia-luqman-hakim-shamsudin.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b69f62c23c32d363eca98482ad5b3399aafad09de4bfa76c661d287eec783159

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 80a9a66193c3e6350d12faf1c397c974.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
703897
x-amz-cf-pop
SIN5-C1
x-cache
Hit from cloudfront
content-length
13451
cf-bgj
h2pri
last-modified
Mon, 23 May 2022 09:18:52 GMT
server
cloudflare
etag
"15079a016fc0d2e479f7114d1cb48f22"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7%2B6L29XjVVfK8hYJ14SIa2l7Y%2BBcRij5gFsamP2IG3VfYcJyc3jZCPNvbX20Otap4mrLnYAfDeoKpUsA0qMx74TqohddO1UvMxoW3dxMhD9wVCRQooms0wzkuyCmuqzy5dmVpE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496991ad3604b-SIN
x-amz-cf-id
-uPSau5E4A600zZCJeq6jV4cMVm4EP_eJzCBDxGSLoC3JfLd1tK8GQ==
350x230-img-81221-pelatih-persib-bojan-hodak.jpg
media.bolatimes.com/thumbs/2023/11/16/81221-pelatih-persib-bojan-hodak/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/11/16/81221-pelatih-persib-bojan-hodak/350x230-img-81221-pelatih-persib-bojan-hodak.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa6a52660f62fef4faa93b277cd17520b222d8c4e62a13405b1c85c36e068664

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
via
1.1 1a95269c34e986ace2bf21962deb2db4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
68537
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
19062
cf-bgj
h2pri
last-modified
Thu, 16 Nov 2023 07:14:53 GMT
server
cloudflare
etag
"652bb28c40032208856bc430afc4278a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBL%2BpzYDVrjih0vWLGIUNU9Dhsavnohv8fojOahiim6iBPE4aR%2BXo6ih1SwXwSnLEtiSXq0IGbMdpFlCRd%2BlQ4okXlmp7OthD2J53u9ugwcng7gzP2j7bPOtvzpt1pjQbrUL8Hs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496936cc5604b-SIN
x-amz-cf-id
IQEURLJP2Lf2c6VxMt5KC_wb-2G2_hcfMZf1dLR9jkDZVbCXcJll5w==
350x230-img-58313-timnas-indonesia.jpg
media.bolatimes.com/thumbs/2023/11/14/58313-timnas-indonesia/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/11/14/58313-timnas-indonesia/350x230-img-58313-timnas-indonesia.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1a2d6c0401adf60f9cdf13b244e6766b49adb762fada13dcf33e071a12a5638

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
via
1.1 bde90de775f830a27e211540ca659966.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
188975
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30762
cf-bgj
h2pri
last-modified
Tue, 14 Nov 2023 11:21:50 GMT
server
cloudflare
etag
"9f98d94b9dc3a12e6ffebe8fef765861"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GW2h427Ln8Oa8bECxZINL9e%2FAsg6MAOnlU5D3LpfmaN7dpEKIchNw1GAMTv0fdIuI3tjwo6zZGq8TOZGUVt4fXEvlhAlIX1K5AyW8JH8GR6vE0u0l6sp6jpTIkYuH8yuYMBeHqs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496936cc7604b-SIN
x-amz-cf-id
LmuzMiH9mAY98x60F60GEOS62wZaz5M6akLsL-krRr_rGZNdpYe6XQ==
350x230-img-95679-laga-persita-tangerang-vs-persib-bandung-dalam-lanjutan-bri-liga-1-2022-2023.jpg
media.bolatimes.com/thumbs/2023/04/10/95679-laga-persita-tangerang-vs-persib-bandung-dalam-lanjutan-bri-liga-1-2022-2023/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/04/10/95679-laga-persita-tangerang-vs-persib-bandung-dalam-lanjutan-bri-liga-1-2022-2023/350x230-img-95679-laga-persita-tangerang-vs-persib-bandung-dalam-lanjutan-bri-liga-1-2022-2023.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96bf708e701b0d6fe5f493a1983254796bb4e7539fe51eb93e8bc1e74e01c04b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70165
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17597
cf-bgj
h2pri
last-modified
Mon, 10 Apr 2023 07:17:01 GMT
server
cloudflare
etag
"8feeb316b284ea158796f05e4326c5f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1IKN8r5KrNGojQGS6Z3i%2B6al7pLVO%2BT8MEt7frTNkBzGtCpDV4MSzX%2Fqmru5k6kNIqIk1hVTR89gUoiVkxiPJ9KnGJkYqJJi0lkyogzXQ3uhnAB2echogiqVtvgoJ%2F2LQKfHXY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496936cbe604b-SIN
x-amz-cf-id
5-YR7QDfCzlZ3Bih4BremwBG9LRMh9Mi8-7qZdHzi7L8XBJ1mGLNRQ==
350x230-img-11185-shin-tae-yong-pelatih-timnas-indonesia.jpg
media.bolatimes.com/thumbs/2023/11/16/11185-shin-tae-yong-pelatih-timnas-indonesia/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/11/16/11185-shin-tae-yong-pelatih-timnas-indonesia/350x230-img-11185-shin-tae-yong-pelatih-timnas-indonesia.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa07db6577bc73607647d694f530483d5d563877d1fcc1460647799eb28358b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
via
1.1 6744df903aaebd8a225f5410dbe17efc.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69148
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
37306
cf-bgj
h2pri
last-modified
Thu, 16 Nov 2023 06:55:29 GMT
server
cloudflare
etag
"043907ebbf4506c4c46e7082cbc744fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VqNmjWLr4CdTwDt2evcmiqzriVQm25rqCM4CruTOKynLsg3k%2FAQbPliIE4YDh1gkpolnLFRcnO9DDQQ8WF0DdHXkSu9YEmkrSHXBqtFOap%2F2ihgGmfbF1Y%2FQQb%2BJk%2FCHI8tKy4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496936cc4604b-SIN
x-amz-cf-id
vnbUKRk-m1ee4Er_uQMakMa-UHzZXP0yXOvjeCpmgtztY-aaSJdbvA==
350x230-img-86099-logo-piala-dunia-u-17-yang-telah-diresmikan-fifa-pada-jumat-192023-antarahofifa.jpg
media.bolatimes.com/thumbs/2023/09/02/86099-logo-piala-dunia-u-17-yang-telah-diresmikan-fifa-pada-jumat-192023-antarahofifa/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/09/02/86099-logo-piala-dunia-u-17-yang-telah-diresmikan-fifa-pada-jumat-192023-antarahofifa/350x230-img-86099-logo-piala-dunia-u-17-yang-telah-diresmikan-fifa-pada-jumat-192023-antarahofifa.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a38e124fad2734fa8b0717888c6881557043b3ddbf00d44e7226b636a43d3fd

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
via
1.1 4ac3d01dc034ade34c90e81091421c76.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1451886
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
12141
cf-bgj
h2pri
last-modified
Sat, 02 Sep 2023 01:43:22 GMT
server
cloudflare
etag
"6d78bc24945faf4038f11394539a3ed9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FgrC4ymWPNPx3QPMLfQFxLKNaWuiYz9ZbuK62CUyL4L9mJfkLykrjiSYd3menw5DN%2BhINRJS5h%2FtHd898JqAZ9UuHAzz3viC%2F24%2FCudMpj%2F9d1tDl6BBJNqlWJcYUxmD%2B7aECmI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496936cc6604b-SIN
x-amz-cf-id
aYnqC9WkzLnAQ-jCkUys9CMHhPe_5nBOEXYkL4wmXpbThCJbkSkjcw==
350x230-img-72953-inggris-menjadi-salah-satu-tim-peserta-yang-dipastikan-lolos-ke-babak-16-besar-piala-dunia-u-17.jpg
media.bolatimes.com/thumbs/2023/11/16/72953-inggris-menjadi-salah-satu-tim-peserta-yang-dipastikan-lolos-ke-babak-16-besar-piala-dunia-u-17/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/11/16/72953-inggris-menjadi-salah-satu-tim-peserta-yang-dipastikan-lolos-ke-babak-16-besar-piala-dunia-u-17/350x230-img-72953-inggris-menjadi-salah-satu-tim-peserta-yang-dipastikan-lolos-ke-babak-16-besar-piala-dunia-u-17.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30e887ffc827d8e14066e1d3f5fdd9d6d1bdec8aa0b5b39ff22c4e1aa4a86cfb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:48 GMT
via
1.1 dcb42c70bda10759ea456b517bba08fa.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71777
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27778
cf-bgj
h2pri
last-modified
Thu, 16 Nov 2023 06:18:02 GMT
server
cloudflare
etag
"3af524926b1c05ef67d61023d20520a3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7yTo3v89rvuQkIwuJldAglBRZ9VLQrUOaqFzItsi180xcmD5e36btfXWKEEcGKrNa4qmjkqigz0%2FM5VY%2FTDlTf40XvqpYZmn6WJ%2F9qvJHeUGetVTPCjlUNRkKIeJFYLu6I%2F60OU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496936cbd604b-SIN
x-amz-cf-id
RMzi60PJ5XY9xpz1jh4kuvxU8mPhN7gVOQIcSBEkLOfKsvNRM4lxgg==
350x230-img-15074-tijjani-reijnders-gabung-ac-milan.jpg
media.bolatimes.com/thumbs/2023/07/20/15074-tijjani-reijnders-gabung-ac-milan/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/07/20/15074-tijjani-reijnders-gabung-ac-milan/350x230-img-15074-tijjani-reijnders-gabung-ac-milan.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73df99b2543bfc3f8bde5e1d470611d0ff8fcdc4ab1abfbe946de1a813b72bad

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
SIN2-P2
age
793740
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
14732
cf-bgj
h2pri
last-modified
Thu, 20 Jul 2023 09:51:42 GMT
server
cloudflare
etag
"315165d3bda55507a5407fe488018ad7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rloPgYVv9hHf3ucbsmI3hqEqY6pCleB4Yla2oK3uF1N7uf%2FqB3FVioCHKkNu9QgpCFNjf7DhlEizFrQYSE7emAJQpw0x%2BrG5YGSoy76CZhobuWqMWox3R4%2FeWpblmjxSIt4crZg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496995b10604b-SIN
x-amz-cf-id
eK5NmFGRZR7pjpSlkGfmvBYs0lHBpBJfJf47xwamY0mu_lkWKk2SmQ==
350x230-img-94668-pelatih-timnas-indonesia-shin-tae-yong.jpg
media.bolatimes.com/thumbs/2023/11/16/94668-pelatih-timnas-indonesia-shin-tae-yong/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/11/16/94668-pelatih-timnas-indonesia-shin-tae-yong/350x230-img-94668-pelatih-timnas-indonesia-shin-tae-yong.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba574806800f34c2f9937ea0d569c151ccd6074a6815897adb492b58194884f5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 dc82e67c3cbbf5963a8de3bcf19baccc.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
SIN5-C1
age
92879
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
21338
cf-bgj
h2pri
last-modified
Thu, 16 Nov 2023 00:48:45 GMT
server
cloudflare
etag
"44decc7ab029b854b4cba67a93c89a3e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NH0giMHF7vZeRFg2hDLu2aqwUmOvdRx27KycnEz2cOgNzQs4WVtGKoJ6cjJkglBAEmosWKMCKIwOh6AUWnJhMRXAfndbN8EKD2pEAn3jrDDFQGP60Gg23qH5ioBCas8KEinDsvM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496995b1f604b-SIN
x-amz-cf-id
0kSL1RNmNXVEceYNzFEvfSV4371Qxh0rlpvX0PCYKvC4eviu_pto3A==
350x230-img-19853-teja-dan-asnawi.jpg
media.bolatimes.com/thumbs/2023/11/14/19853-teja-dan-asnawi/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/11/14/19853-teja-dan-asnawi/350x230-img-19853-teja-dan-asnawi.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c572e8c875cba2c548ea5bc3478fa83d8ba021a2325b89e11e01ea425ef0811

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
SIN5-C1
age
233161
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
24636
cf-bgj
h2pri
last-modified
Tue, 14 Nov 2023 09:47:40 GMT
server
cloudflare
etag
"de4574cd9a649b18355644aa69a56cd4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ROCmxuihhIE2oiuigpozsj6L%2BebkPx5WDK7Xg2nPqduOO3GjHmskk5Q5xz9NG3NMh4fa%2BXieGnzzBA2aoNcExzhHE6qEydbwZnahIi5jitVYW13B7jvrAxcp4MT7ybIp7lI2NU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496997b31604b-SIN
x-amz-cf-id
aD-bj_CaOIp5MUoHtGFaV3GbaoZ-dqKiFBJTntcVUJz4oMYEznsthQ==
350x230-img-81448-pelatih-irak-jessus-cassas.jpg
media.bolatimes.com/thumbs/2023/11/16/81448-pelatih-irak-jessus-cassas/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.bolatimes.com/thumbs/2023/11/16/81448-pelatih-irak-jessus-cassas/350x230-img-81448-pelatih-irak-jessus-cassas.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a23c82fc80e27ccc5df075f120dbd9ac839fb93588f8f8d6edb833646f1e4f6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
via
1.1 80a9a66193c3e6350d12faf1c397c974.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
SIN5-C1
age
76786
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
20255
cf-bgj
h2pri
last-modified
Thu, 16 Nov 2023 04:58:58 GMT
server
cloudflare
etag
"205e12ea9c2e5b36a397034f5af72064"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWxXz6QVMQB9urBW%2BKhPTKWiVsmdIUu%2FOuCoqGf1yiotz9BsNPDQTigj9CoWkiUn2GHCxXycGY%2F52MehBQ4OUDkFHGSuvRTcWrD47LnvB7e2or7fVqkvqNw7rqVYD5%2BX8sDxsg8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
827496998b41604b-SIN
x-amz-cf-id
PzsRC7mxs9b1xmAiHFgjTUASejzelSym_fOxkbMtpkBn2BX7yhi5Yg==
sdk.js
connect.facebook.net/id_ID/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/id_ID/sdk.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
3e768b1e88a6a44601666afb01eb3874c040cb8697e58e86c289f25656ac0c56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 Nov 2023 02:36:49 GMT
content-md5
d+wsIdKMmBG7jDNHq1XIXw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
x-fb-debug
9odumYsod6V/G1BJtQ3jHi3WkJzjSiwnGvIIYNSANOh8mt2ja9E2+eOUVsEyQ0H4JK96VU/u/xFQzMH6eev+XA==
x-fb-content-md5
db17e34df72e45c77b4e6b4fe8195175
cross-origin-opener-policy
same-origin-allow-popups
etag
"02b41c919e8dc0536c2374c9b383d944"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:49:13 GMT
iezfz86x3h
www.clarity.ms/tag/ 		677 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/iezfz86x3h
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fe60b1e6e9c5344440f5f2621e31a20460731e77024eb5148af4b3c782d4b202

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
-1
date
Fri, 17 Nov 2023 02:36:50 GMT
x-azure-ref
20231117T023649Z-zqkk517acx2r74fmbpaq5uf5ec00000005bg000000011kdk
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
677
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
/
api.realtimely.io/c/ 		0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.realtimely.io/c/?p=%2F&u=no&s=no&h=https%3A%2F%2Fwww.bolatimes.com&r=&sid=BOLA&t=BolaTimes.com%20-%20Berita%20bola%2C%20Jadwal%2C%20Skor%20%26%20Liga%20Eropa&qs=%7B%7D&cid=77956868
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQu27JnZwCYvVd8m3vCUEMONZTgSkqepVyEXp8WdbbA1lXNezQiVEjKd4kYnvaOdjFqkQ7jtJ2%2BhcGIeejwL0vqzYCoD3EDrUsjs0ZEytCBVHq7REaaL4faEwmjfZz2eeFAk"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
82749699ca453f58-SIN
alt-svc
h3=":443"; ma=86400
izooto.js
cdn.izooto.com/scripts/sdk/ 		321 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sdk/izooto.js
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/4884cdd3865bfa28e0cc689b8cb854f5876ffbde.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.216.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
042c34d69ae919d1e01e22b6497213dd0d5c177c2e6794a755756a189b3a613f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 16 Nov 2023 13:27:39 GMT
server
cloudflare
age
47328
etag
W/"655618cb-5033d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1382400
cf-ray
82749699ded83fc3-SIN
x-xss-protection
1; mode=block
expires
Sun, 03 Dec 2023 02:36:49 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 07:35:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
68455
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 15 Nov 2024 07:35:54 GMT
js
www.googletagmanager.com/gtag/ 		266 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R6NQQ7RXT0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFVNJ45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
fc0bced4f88a6c829f1bd6a5c968360719b5f264ef94d302b9dc46cf85f55e7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91602
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 02:36:49 GMT
f1npjd9l2l
www.clarity.ms/tag/ 		650 B
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/f1npjd9l2l?ref=gtm2
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
106fca9c60be2faff1a0f13739de1589d86ec891edfac2d4f84af19a3c1c2f45

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
-1
date
Fri, 17 Nov 2023 02:36:50 GMT
x-azure-ref
20231117T023649Z-zqkk517acx2r74fmbpaq5uf5ec00000005bg000000011kdm
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
collect
analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-R6NQQ7RXT0&gtm=45je3b81v872195582z8812354766&_p=1700188607683&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1270297363.1700188609&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1700188609&sct=1&seg=0&dl=https%3A%2F%2Fwww.bolatimes.com%2F&dt=BolaTimes.com%20-%20Berita%20bola%2C%20Jadwal%2C%20Skor%20%26%20Liga%20Eropa&en=page_view&_fv=1&_nsi=1&_ss=1&ep.articleCategory=wp&ep.articlePage=articlePage&ep.articleUserAgent=desktop&tfd=3470
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6NQQ7RXT0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bolatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R6NQQ7RXT0&cid=1270297363.1700188609&gtm=45je3b81v872195582z8812354766&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6NQQ7RXT0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bolatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.sg/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R6NQQ7RXT0&cid=1270297363.1700188609&gtm=45je3b81v872195582z8812354766&aip=1&dma=0&gcd=11l1l1l1l1&z=1898412850
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame 9259 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.216.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bolatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-origin
*
age
1399208
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
8274969b1fd43fc3-SIN
content-encoding
br
content-type
text/html
date
Fri, 17 Nov 2023 02:36:49 GMT
expires
Mon, 18 Dec 2023 02:36:49 GMT
last-modified
Tue, 07 Feb 2023 10:27:13 GMT
server
cloudflare
vary
Accept-Encoding
x-xss-protection
1; mode=block
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
190917
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8274969dba7b403b-SIN
expires
Mon, 20 Nov 2023 02:36:50 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 08:49:04 GMT
content-encoding
gzip
age
1273666
x-guploader-uploadid
ABPtcPqCetD0eGg2hmv3u6sxo_5nkF09mdlf14CAYiIXfLm3vPEBdlpGWTp4RZLQhLu7P0ZwwFYoIV1QuU-ZM7yQ6s1ikA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 01 Nov 2024 08:49:04 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:51 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
e1ad71eef930b69ec69468de44d7df05
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Nov 2023 02:36:50 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-104.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 12:44:06 GMT
content-encoding
gzip
via
1.1 f524a7fd984e15aeceb1c8903b4e45c2.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
age
49965
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Mbvl2G0mSkSpB-erg1RVaTYTSsHkQRztKFtYIko-VxhVHEolt59qSw==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-89-72.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Thu, 16 Nov 2023 22:30:27 GMT
Via
1.1 de07fad430c1bc86fd21b4e969faf29c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SIN2-P2
Age
14785
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
scfF5c-TfLXz_JA64oCkmPeVNnN9JRYZbOlOUvWLxgRV1CHmQhg3BQ==
esp.js
cdn.id5-sync.com/api/1.0/ 		155 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
902f47bc9eeb026da8cbcef8c7ec51aaa1f73bf7ca587c8694cceb36ff91a92e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 09:30:02 GMT
server
cloudflare
x-amz-request-id
ESH0XJ31C41W3B0D
age
2877
etag
W/"5cdc7028bae687cbffcc9d7982dd9ad5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
827496a3be654b56-SIN
x-amz-id-2
df/nHJN44DGRtjMVO0VJY2Y9F+gaai4oVeGqrIvi8MwG1eJ9YkhAS68mGOHGAolVqBJXcib+Knc2LP5GaKrjDQ==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
896 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 02:36:51 GMT
x-content-type-options
nosniff
content-encoding
br
age
22388
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-qpg1262-QPG
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ads
securepubads.g.doubleclick.net/gampad/ 		788 KB
170 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4347699013370239&correlator=2705363815760301&eid=31078986%2C31079660%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=148558260%2CBolatimes_HVR_1x1%2CBolaTimes_Interstitial%2CBolaTimes%2CDesktop&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4%2C%2F0%2F3%2F4&prev_iu_szs=1x1%2C1x1%2C728x90%7C970x90%7C970x250%2C300x250%7C300x480%2C300x250%7C300x600%2C300x100%7C300x50%2C300x100%7C300x50%2C970x90%7C728x90%7C468x60%2C323x93%2C160x600%7C1x1%2C160x600%7C1x1%2C1x1%2C1x1&ifi=1&sfv=1-0-40&ists=2051&fas=0%2C8%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&sc=1&cookie_enabled=1&abxe=1&dt=1700188609790&lmt=1700188609&adxs=0%2C-9%2C436%2C985%2C985%2C-9%2C-9%2C475%2C489%2C1295%2C145%2C-9%2C-9&adys=6121%2C-9%2C180%2C365%2C1284%2C-9%2C-9%2C1145%2C920%2C100%2C100%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C-1%7C0%7C0%7C2%7C-1%7C-1%7C0%7C0%7C0%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bolatimes.com%2F&vis=1&psz=1600x6120%7C0x-1%7C970x90%7C300x250%7C300x250%7C0x-1%7C0x-1%7C970x-1%7C322x55%7C160x-1%7C160x-1%7C0x-1%7C0x-1&msz=1600x0%7C0x-1%7C970x90%7C300x250%7C300x250%7C0x-1%7C0x-1%7C650x-1%7C650x55%7C160x-1%7C160x-1%7C0x-1%7C0x-1&fws=4%2C2%2C4%2C4%2C4%2C2%2C2%2C516%2C4%2C516%2C516%2C2%2C2&ohw=1600%2C0%2C1600%2C1600%2C1600%2C0%2C0%2C1600%2C1600%2C160%2C160%2C0%2C0&ga_vid=1270297363.1700188609&ga_sid=1700188610&ga_hid=303335919&ga_fc=true&dlt=1700188607660&idt=2077&prev_scp=%7C%7Cpos%3Dleaderboard%26page%3Dhome%7Cpos%3Dright_1%26page%3Dhome%7Cpos%3Dright_2%26page%3Dhome%7Cpos%3Dright_3%26page%3Dhome%7Cpos%3Dright_4%26page%3Dhome%7Cpos%3Dfullbeltbanner%26page%3Dhome%7Cpos%3Dheadline_1%26page%3Dhome%7Cpos%3Dskin_right%26page%3Dhome%26refresh%3Dtrue%7Cpos%3Dskin_left%26page%3Dhome%26refresh%3Dtrue%7Cpos%3Dotp%26page%3Dhome%7Cpos%3Dballoon%26page%3Dhome&adks=3035399121%2C2298460220%2C1285832963%2C1663327077%2C3739967010%2C4152665876%2C4152665877%2C4030129027%2C2043183569%2C2729229666%2C307847192%2C508573221%2C3971485102&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
56acac9ea50579723b31eae059b783f8220899929ec3e397e242926bfcde1c2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:50 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
173491
x-xss-protection
0
google-lineitem-id
6393083730,-1,-1,-1,6413061826,-1,-1,-1,-1,-1,-1,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138449645732,-1,-1,-1,138454399390,-1,-1,-1,-1,-1,-1,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bolatimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2ABA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bolatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:36:50 GMT
expires
Sat, 16 Nov 2024 02:36:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:43:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
71622
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13750
x-xss-protection
0
server
cafe
etag
15254217830347453119
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 15 Nov 2024 06:43:09 GMT
sdk.js
connect.facebook.net/id_ID/ 		297 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/id_ID/sdk.js?hash=abb76876ba47b9c1cbc55ac144190b89
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/id_ID/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
9dcf43b6a90f025d824162b5bda4bce1fafc25626579e9b9f9c08e2af957e75d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.bolatimes.com/
Origin
https://www.bolatimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 Nov 2023 02:36:52 GMT
content-md5
MVNyioN/cL2EFsARYME3og==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86921
reporting-endpoints
x-fb-debug
UE5HQpnJp3mBVXUjUPy6o+HbV9eoMi1sQ/h1CT3CSoCawgqqvD1TpA5D++He2y/knW8UaMDyHFeGArjDH3ha5g==
x-fb-content-md5
4d75328039c69f04e9503a9183063fc3
cross-origin-opener-policy
same-origin-allow-popups
etag
"5111298873f5f70b4cde6ac23e766353"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 16 Nov 2024 02:25:21 GMT
clarity.js
www.clarity.ms/s/0.7.16/ 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.16/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/iezfz86x3h
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
354142e53641e1e72a89609e46eff578e69d762290d65d84acaaf380751c20fa

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:51 GMT
content-encoding
br
last-modified
Sun, 12 Nov 2023 10:55:20 GMT
etag
W/"0x8DBE36DDD4CF754"
vary
Accept-Encoding
x-azure-ref
20231117T023651Z-zqkk517acx2r74fmbpaq5uf5ec00000005bg000000011kqs
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
ff03a61c-b01e-0053-3272-150def000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
view
securepubads.g.doubleclick.net/pcs/ Frame 5FD2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuD2PoWhvM0n08O_tQpNeTSYt_E45RG0PnnHxnzTho2E6DAdfiIRyJdRrk4r2M54uOQZekxBjAP1ATh3XrumwXllHheiUyWDk9nY5g693U6QWOm8GGVVZri7mMwneBc7L-0Iv0piblWw_tKut-omwEFH7IZ8Q6vM3H8sE4ycjw2T5bw11TsHxqVReqymdC9xT6_ewRiMureVSwYubM0Jy9-nXqUAAyYK3kg_lWIGk6-kXGRpnD7HeEkKlvZp2z9GJfIDbItXe9vetid7yOzCe_UxHpJt3hyMSUOXW-JCujrggp7BzEdTttsmrtVnQQfZ1TuWtUNsCmRjMUXww&sai=AMfl-YR2JvLzPSv-ZcveqJK7LZ8_sTfrM6AHUwjDb0mWb3ZDzCcmRIR_dhAdlM1FdzHJgzH4hrfCixJVvUY1FR-T3QNsb3bsU8_vFt8h5PhbW-n_lKqaip6MSdT1FwiMGImtiyCPOrB8ZJ3ZbI77F50b-dk&sig=Cg0ArKJSzIyWl9SXnYw9EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 17 Nov 2023 02:36:50 GMT
index
cdn4-hbs.affinitymatrix.com/hvrcnf/bolatimes.com/171010/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4-hbs.affinitymatrix.com/hvrcnf/bolatimes.com/171010/index?t=171010
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-b.bitgravity.com
Software
v/6.7.6/6.5.25/v10sin1-www /
Resource Hash
652d463e59f6d950519948c80bbf4a4b4cd0510a3eaa8cae88c7a89ab55c95b1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-version
9
date
Fri, 17 Nov 2023 01:03:27 GMT
content-encoding
gzip
x-real-ip
39.109.224.42
server
v/6.7.6/6.5.25/v10sin1-www
age
5604
x-tata-request-id
dd759dbe28d17491988497b87bf5a5b1, dd759dbe28d17491988497b87bf5a5b1
vary
Accept-Encoding
x-cache
HIT,v10sin1
content-type
application/Javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1597
expires
Sat, 16 Nov 2024 02:36:52 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5FD2 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:36:51 GMT
container.html
7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 38C4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bolatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:36:50 GMT
expires
Sat, 16 Nov 2024 02:36:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1FF1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bolatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:36:50 GMT
expires
Sat, 16 Nov 2024 02:36:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 1708 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1BusVx0hBErRDG92Uhqa6YRg1FWtD0g14LD_5lwvCbt1HGJ_WZbFXHehDYpGGF_S0vaFw5pz8MiI3B1j77tlxbMo_PuEqLylNOKjsNb_lP3emRQjz6fDXgaqr6SD8ufr54UMcnr135T6ICAemW_RnSSZ2EAPuQrFZAuxXkvWaDnhkMEOItLWHpA-dmOi8NXr7_fVxvwyfScN9wgWH1ZSRHxXjPXEPbyWLHRyUFtVQBNOR_Z7Wavepd5uW4MejN-31Gcc9CQfzzcr9nkx5XadLw_hz1Gyqz-2qb8-ppOrBtNB6hrESgEKGWxNiLh6kCXNsZvp3E9VuhjY4hMdKheJfEn3YJjljP4wvhzSsYCXXIh8k31g7lg&sai=AMfl-YQ4P6-0kwep_roDVxzSqtRuW5evCGwCaK_8_xYAYz6YdPejtk1eBoOSPQHKsWzqKhMVu4RcjTlumhfQeza_3NLI0LxOA3F66SKcSr_8OgjjvWP4yPYDDD5bjDGMA_XTFAglT-cqHkBjxFY9Fux8GpY&sig=Cg0ArKJSzBJCim1Rzr0vEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 17 Nov 2023 02:36:50 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1708 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:36:51 GMT
container.html
7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3612 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bolatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:36:50 GMT
expires
Sat, 16 Nov 2024 02:36:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A393 		0
0
container.html
7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9562 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bolatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:36:50 GMT
expires
Sat, 16 Nov 2024 02:36:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ED6D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bolatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:36:50 GMT
expires
Sat, 16 Nov 2024 02:36:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame E4BF 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNXhTfbjFXzXn4zg5i7kAjoQB5pTvqOGG4Mlh4LqDOqbIGn9O7VvnKEMRhxnnkR8msRNisxwmhwERn8fjtjKsQo_FA0rxw
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:36:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 38C4 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:36:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 38C4 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BIVeIYOlFWin1HbN9dE0qVoEtm2fDEZ-GggHaLVgs5TyRGYyEYBKA2a2owx_QSrHrlEOn7o3s_nrZ4ozNC1v1tgJs6uzF51klUbW2PwlBXN-alAWs
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 38C4 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10700197431386034267&x=1&ct=76
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 38C4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:42:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
28476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 18:42:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 38C4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:58:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
70672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 06:58:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 38C4 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:36:51 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8B28 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGPnfh_0BMAE&v=APEucNWtUJoGZywPOjyk1SRhsXjNhJ-7ndyMr7Y4-_xVWx110x8QqF8coBHGD0wr0POI8ajolp13CLD-tTqece01NfOi9p99Cg
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:36:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 1FF1 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Origin
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 05:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 05:42:01 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 1FF1 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:40:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
71757
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 06:40:54 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 1FF1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 07:07:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
70173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 07:07:18 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 1FF1 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 06:43:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
158009
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2024 06:43:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1FF1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:42:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
28476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 18:42:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1FF1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:58:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
70672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 06:58:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FF1 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DMmrUPq5S8IVgNwcxzn1yMrDmEINES4RINbw-NU2cmSh2PiawqM2we9dRn2mZMCg8JcxpL5GKpcKgy2qsKFSA8AGfHKQjrkZtKXRicgYq8tyjofZ4
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1FF1 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:36:51 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1083 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGLPeh_0BMAE&v=APEucNVvJA9fy290XPjg6ky2ihp0je8YrXo7vwT9KCO9J8HYqdFQ2XmQ0brfswBf-NWWA3-TLXXnmchejS-DwSE17IVhGb5kvA
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:36:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 3612 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Origin
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 05:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 05:42:01 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 3612 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:40:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
71757
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 06:40:54 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 3612 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 07:07:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
70173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 07:07:18 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 3612 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 06:43:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
158009
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2024 06:43:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3612 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:42:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
28476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 18:42:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3612 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:58:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
70672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 06:58:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3612 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DGXj946W0s3T0RibXiDhahSDqqID4eTfHhtgWFj9q_VokfW0jZ1mpI8b_36NemByDSderQbmMDLHdctSJog30vKNQWOjEDM7wrSdflEZFw0VcrASk
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3612 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:36:51 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bolatimes.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bolatimes.com%2F&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bolatimes.com%2F&rid=esp&cc=1
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
74bf6d30d1f9726bb82d6341ab71a04bca643be28deafd82a6405710b49b8755

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:51 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-XneT8iUvFTGXlgKdhIh41VJyYQ8"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bolatimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 17 Nov 2023 02:36:51 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.bolatimes.com
location
/esp?url=https%3A%2F%2Fwww.bolatimes.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 829B 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGIzih_0BMAE&v=APEucNWqbnp_Ef6qbnKLDOYD6_nWTPRQrzWzphNXS7eIZ9OAOnXfPCU-Jm3PVrbunq4-eIxeyuNeVLgsFKEHCT8uSzRIQNNQMg
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:36:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 9562 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Origin
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 05:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 05:42:01 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 9562 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:40:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
71757
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 06:40:54 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 9562 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 07:07:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
70173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 07:07:18 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 9562 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 06:43:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
158009
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2024 06:43:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9562 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:42:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
28476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 18:42:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9562 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:58:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
70672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 06:58:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9562 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DXRII_bU_MhnHGQXbOLbmUtn6CyBx4IBC9xqARdXCI0c2_f3EopVfQIqyUZXXgZjaWrafTntLI6-kEd3ddebaN83WW6eFmj2tnxsuSv1JEEjHziBs
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9562 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:36:51 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame EF76 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGIzih_0BMAE&v=APEucNU1iUpc8Pf8nohVTWVqqvloiMI5pmKyZhDbFKzlcLhhzQUD4K6WRM3dNd9bAlA4qnff-6fiwbQamBeHMU0ONc9pDpZ9EQ
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:36:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame ED6D 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Origin
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 05:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 05:42:01 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame ED6D 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:40:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
71757
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 06:40:54 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame ED6D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 07:07:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
70173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 07:07:18 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame ED6D 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 06:43:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
158009
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2024 06:43:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame ED6D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:42:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
28476
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 18:42:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame ED6D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:58:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
70672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 06:58:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED6D 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bjb94Q_KTBcPbGIRERL3WHNLa5Pwb912qBE0K4f34vNoRSHZJsjBBiSFdbmgaouW6K3cJJJVusNRHlWTYX3k2v4iLWAa_8cxUVnsyu5mZatt8aHI8
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame ED6D 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:36:51 GMT
map
bcp.crwdcntrl.net/6/ 		235 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.97.106 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-97-106.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
7a5f9d5ec4ac7b8d14f6189e98dc51d6c6831396a32f6a7c90269a6e52314915

Request headers

Referer
https://www.bolatimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.bolatimes.com
cache-control
no-cache
x-server
10.42.7.22
access-control-allow-credentials
true
content-length
235
expires
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 94E8 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
160967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 05:54:03 GMT
expires
Thu, 14 Nov 2024 05:54:03 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1FF1 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9ad95745dd78b3af6b361982a961bc581169cb614a8f2fc9802061f82f91176

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 953E 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
160967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 05:54:03 GMT
expires
Thu, 14 Nov 2024 05:54:03 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3612 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d6660090e0079f8b307059d57f028c668247465674e4da173e2ecf9fe009b05

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9562 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff3989936c9f3a276a41f68e5170f67076890d6f5c10db8f3f896ca03556e642

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 168C 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
160967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 05:54:03 GMT
expires
Thu, 14 Nov 2024 05:54:03 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame C334 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
160967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 05:54:03 GMT
expires
Thu, 14 Nov 2024 05:54:03 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame ED6D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7670b615e7c5b91305835bdb8b13336e3d9be8dede2d4e731b12be5a6590e545

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
syncframe
gum.criteo.com/ Frame E5BD 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bolatimes.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bolatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:36:51 GMT
server
Kestrel
server-processing-duration-in-ticks
309954
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 94E8 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:07:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
156558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 07:07:33 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 953E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:07:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
156558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 07:07:33 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 168C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:07:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
156558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 07:07:33 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame C334 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:07:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
156558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 07:07:33 GMT
truncated
/ Frame 5FD2 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ee8de8a6da7794670a5a5e03c710982769015213257de8e2a4f6842f297ca9a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 5FD2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGKAYIloC6sOJsZT_m66ackQ5WC4gto0a8IsdnD7DgR3C6EjEiNo8WAuC7C-RIvRfJlCQtu3zUZIpmd8XxXEtnctDikNcgZXByAqYOiKfj8ZZ2GKNqOfKB4339E7cUDwGF31JvvOVwDQqXV6QmOoOHx-kiNdumwgSKoHDG0zze4sNjpWO_NrRmSfiC13FmNmswqjaJrfE_wfKbIBs1hXfQ4y6Jk_TcMnHyeITlcfvJzQYYvIsmNXrzhvOZSEpfwq9DggnSjACfqteYDSMEKcpC7V1N7tBfHC1fxUXgUI7A-jPZFzGFzeu3XyuQPEIWIORRqHDv18-9xjwkqi4i&sai=AMfl-YTZjrcGAiLdlDFOM0cxBKR_Qq-F1CRAmJm_ZNNJNsGUmYmG2rurHzEoZC2CZuUDaNpAuxKkipDQClCE9EXybf4CbYM9TQtWXYVhcIKiStmxQF63BxezvGF8Fupji7ESnK_P7OeSc2z0xuO3zdlegFg&sig=Cg0ArKJSzFJHkP3aM0xrEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 17 Nov 2023 02:36:51 GMT
increment
id5-sync.com/api/esp/ 		0
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.bolatimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bolatimes.com
date
Fri, 17 Nov 2023 02:36:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
/
go.rcvlinks.com/err/ Frame 1708 		43 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.rcvlinks.com/err/?code=7iqMTL5h22&ms=837&ver=231101-0007&text=!bn
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx / PHP/7.4.33
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

hn
m1
date
Fri, 17 Nov 2023 02:36:52 GMT
cache-control
no-store
server
nginx
x-powered-by
PHP/7.4.33
content-type
image/gif
truncated
/ Frame 1708 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4eae2e1948bf1f8b9696938ca71777daad8893782db8c0c074c0fcff14cf48d1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame EF76
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGIzih_0BMAE&v=APEucNU1iUpc8Pf8nohVTWVqqvloiMI5pmKyZhDbFKzlcLhhzQUD4K6WRM3dNd9bAlA4qnff-6fiwbQamBeHMU0ONc9pDpZ9EQ
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkrHuSUmouNU0hEeOyM6%2BASvrzatE%2BxNJ19slHjZ23Hyczo0QK2cgdcAXWLWk3ychQ8GwwR2ndyz7KeYbZBDW2ti7z1hAz%2BnBXhfIFDcQoKsU7WWLbemqwrlYM6TXYL4x2y5oCmjbO2eDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827496a9986da03b-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxrodQBKjuN%2FOrtEEGrPC0GEwpcHx%2FfGda38ldU%2FyLutjNzLOLshw%2BNHt0d%2F660oe5RWH8wMnQqek1mIYCHvvdMlTFHEKAXR4LDKWhsg8z5hycug5HBtV6EawgHTw0L3xyQ8SQiFp4pxPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
cache-control
no-cache
cf-ray
827496a8cfdda03b-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame EF76
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVbRw2Y0.xdbJmbNjddT8QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGIzih_0BMAE&v=APEucNU1iUpc8Pf8nohVTWVqqvloiMI5pmKyZhDbFKzlcLhhzQUD4K6WRM3dNd9bAlA4qnff-6fiwbQamBeHMU0ONc9pDpZ9EQ
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8X9JOJkwJx%2FPjhZwXeADHRuu68W%2B3S6OZi2yz%2F4th7Y2Hyd%2FjqzFr92ScZUaTyPdadpHOm3VtkfMQP%2FGKf7Iy4CxtPZlBKTAGL9McrBsSJWivpuXBZoUQN8UWMB%2FEFEHXSS%2B1wdZ%2BwQEA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827496aa8941a03b-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame EF76
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA3BeuVn4lrAwDVLdMERmIM&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
43 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGIzih_0BMAE&v=APEucNU1iUpc8Pf8nohVTWVqqvloiMI5pmKyZhDbFKzlcLhhzQUD4K6WRM3dNd9bAlA4qnff-6fiwbQamBeHMU0ONc9pDpZ9EQ
Protocol
H2
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
an-x-request-uuid
be827cf4-1d5c-42ee-b113-9ebab69ad69a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
39.109.224.42; 39.109.224.42; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
an-x-request-uuid
133f7ce4-20d6-425d-b2b5-5303c50b6f12
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
39.109.224.42; 39.109.224.42; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EF76
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTczMzg4MTM1NDY4Mzc0MA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTczMzg4MTM1NDY4Mzc0MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGIzih_0BMAE&v=APEucNU1iUpc8Pf8nohVTWVqqvloiMI5pmKyZhDbFKzlcLhhzQUD4K6WRM3dNd9bAlA4qnff-6fiwbQamBeHMU0ONc9pDpZ9EQ
Protocol
H2
Server
64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
an-x-request-uuid
a28c57e7-96f1-4739-b689-a350db92d212
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTczMzg4MTM1NDY4Mzc0MA%3D%3D
x-proxy-origin
39.109.224.42; 39.109.224.42; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1083
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
43 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGLPeh_0BMAE&v=APEucNVvJA9fy290XPjg6ky2ihp0je8YrXo7vwT9KCO9J8HYqdFQ2XmQ0brfswBf-NWWA3-TLXXnmchejS-DwSE17IVhGb5kvA
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbU7BVpjexY8AEZTdJn0Q2TRS9aUQS7JDmbUL0YOGnbe8aNgHfI%2BI9UMeXsxzuuZsYy1aQ44fO4KodiVsOrGD7CgsaMaCOGNGr0ULLq0M9sucskJUdSkf%2Bv65oMnlXlEqAf1Xtd%2BkpIRTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827496a99869a03b-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5JN0qUYhjzmkabYXKHLUsNE9qwOqwlqxrkv%2BcossiCoTCvMZuev%2Bb1hiA%2ByVuUvnzKchNQYGEs3Zo4WHTNr6pA0j8wb1FDJGSbCAItVwC6jwOtVyCzaubGSjLrg0HY3QBmGhrUZDS3GGA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
cache-control
no-cache
cf-ray
827496a8afc1a03b-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 1083
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVbRw2Y0.xdbJmbNjddT8QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
43 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGLPeh_0BMAE&v=APEucNVvJA9fy290XPjg6ky2ihp0je8YrXo7vwT9KCO9J8HYqdFQ2XmQ0brfswBf-NWWA3-TLXXnmchejS-DwSE17IVhGb5kvA
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dANFqZQesOs77ovqJjPOESC%2FGl7uiHpGHdzsrrvLheDya7DWqxTICzVCuGlGYXRccFpd7k02VOe1GKp8%2Bu%2FzEVhsPWOnWAHGFgNMnJyutf8R6owNKY4jG%2BldVX0e8qtefNEswhuqxkw%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827496aa893fa03b-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 1083
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA3BeuVn4lrAwDVLdMERmIM&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
43 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGLPeh_0BMAE&v=APEucNVvJA9fy290XPjg6ky2ihp0je8YrXo7vwT9KCO9J8HYqdFQ2XmQ0brfswBf-NWWA3-TLXXnmchejS-DwSE17IVhGb5kvA
Protocol
H2
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
an-x-request-uuid
d61e254a-a37b-45f5-96c8-be4b251dcd1c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
39.109.224.42; 39.109.224.42; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
an-x-request-uuid
74d8390f-96d6-4f7e-9078-970812664c50
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
39.109.224.42; 39.109.224.42; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1083
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTczMzg4MTM1NDY4Mzc0MA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTczMzg4MTM1NDY4Mzc0MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGLPeh_0BMAE&v=APEucNVvJA9fy290XPjg6ky2ihp0je8YrXo7vwT9KCO9J8HYqdFQ2XmQ0brfswBf-NWWA3-TLXXnmchejS-DwSE17IVhGb5kvA
Protocol
H2
Server
64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
an-x-request-uuid
c74de73d-bc80-4c3a-bfa8-5ec6f429744a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTczMzg4MTM1NDY4Mzc0MA%3D%3D
x-proxy-origin
39.109.224.42; 39.109.224.42; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 829B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGIzih_0BMAE&v=APEucNWqbnp_Ef6qbnKLDOYD6_nWTPRQrzWzphNXS7eIZ9OAOnXfPCU-Jm3PVrbunq4-eIxeyuNeVLgsFKEHCT8uSzRIQNNQMg
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUZmttSQa89eL26zpBFR7tvBdsTm%2Bq46AmmwR8J3nvjuMhF0yiEfjqe4CLBjNmDH0XDOHltuZVsjxuD%2F%2Brx9u44cSY4QXjUEx39AZ9riIguRElNA7W39tbB1c8Ua0T8Up0QcbZENnaEpkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827496a9986fa03b-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4Vs8wDUho1CNhQ2Wp3LzqZN96AGYxQaV3ebaUxcyjOAnJaNl2HW%2B1o2upeKora0Fl1F9nCA3m32CCgnPANjOi12KxfG3HWouPF%2BZPX4kEaF0L8QDLToUViNCJ5uPyBWK7yVJtCmAxp2Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
cache-control
no-cache
cf-ray
827496a8cfdea03b-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 829B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVbRw2Y0.xdbJmbNjddT8QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGIzih_0BMAE&v=APEucNWqbnp_Ef6qbnKLDOYD6_nWTPRQrzWzphNXS7eIZ9OAOnXfPCU-Jm3PVrbunq4-eIxeyuNeVLgsFKEHCT8uSzRIQNNQMg
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMQXwgFm1xNiVKyEuksp9f4ss4JBZMhh3nNCDywLf46ElwtAXTaICvJrSk1hf4VNQoP6VbuiDOQUS7oPsBTx4KS5IfxrZEudzhuWagwyYdI0fpENR0rnFqJPNf8Qh9ooRapV%2FqtmWA6%2BHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827496aa893ea03b-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 829B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA3BeuVn4lrAwDVLdMERmIM&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
43 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGIzih_0BMAE&v=APEucNWqbnp_Ef6qbnKLDOYD6_nWTPRQrzWzphNXS7eIZ9OAOnXfPCU-Jm3PVrbunq4-eIxeyuNeVLgsFKEHCT8uSzRIQNNQMg
Protocol
H2
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
an-x-request-uuid
3eb2ec24-8262-4930-9b1d-283f7c708eef
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
39.109.224.42; 39.109.224.42; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
an-x-request-uuid
4eda0c68-cde5-4060-bff1-dfe3b4a8ecb9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
39.109.224.42; 39.109.224.42; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 829B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTEzMzAwNzU4Mjk0MjQ1ODM0Nw%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTEzMzAwNzU4Mjk0MjQ1ODM0Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGIzih_0BMAE&v=APEucNWqbnp_Ef6qbnKLDOYD6_nWTPRQrzWzphNXS7eIZ9OAOnXfPCU-Jm3PVrbunq4-eIxeyuNeVLgsFKEHCT8uSzRIQNNQMg
Protocol
H2
Server
64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
an-x-request-uuid
2e10a307-484b-4358-bc50-153e6232bd88
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTEzMzAwNzU4Mjk0MjQ1ODM0Nw%3D%3D
x-proxy-origin
39.109.224.42; 39.109.224.42; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E4BF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
43 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNXhTfbjFXzXn4zg5i7kAjoQB5pTvqOGG4Mlh4LqDOqbIGn9O7VvnKEMRhxnnkR8msRNisxwmhwERn8fjtjKsQo_FA0rxw
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzpQlTQZzg7kOvY5AyjSH9AnvTGF4Ehoa5PA6OMEwQ%2B%2FZALtzKZRZ5opnA5FAuh1eMOhm9k0evYvCGID7hsa61YtNm5S%2FaT9ivTTzA8B%2B9Hm%2Fos%2F3wZdi5xWZ%2BW9GU0woZeaJBPpuG4GpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827496a9986ca03b-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6XWgXT4Tia%2FWcgnr4i7LRF%2BpwUpGhullDRPKwZ%2FCnuXquHCFsjLw3aELo2TirdxVWvfI0GdDJdrRieHcst7LNb%2BuEWf6Zv6xPGV3BMFr5FRTys3t03Ba9VsvOCj8m13s7HcimGrpb7lPg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
cache-control
no-cache
cf-ray
827496a8cfdca03b-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame E4BF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVbRw2Y0.xdbJmbNjddT8QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNXhTfbjFXzXn4zg5i7kAjoQB5pTvqOGG4Mlh4LqDOqbIGn9O7VvnKEMRhxnnkR8msRNisxwmhwERn8fjtjKsQo_FA0rxw
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6iKYilNNc1%2F6RF6gHrruzMU%2BwOsEsWRse9zYpXJ5ipTlr5nX7d3Q74Z2527wMYqMheNKjJq9o5SVX1mLu6XbY%2FopBujk3flaTfgmHbjpNfdBbmHugfZe3EDN3L5ujaJHxt6B4fpgFP2SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827496aa893da03b-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame E4BF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA3BeuVn4lrAwDVLdMERmIM&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
43 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNXhTfbjFXzXn4zg5i7kAjoQB5pTvqOGG4Mlh4LqDOqbIGn9O7VvnKEMRhxnnkR8msRNisxwmhwERn8fjtjKsQo_FA0rxw
Protocol
H2
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
an-x-request-uuid
5d4d94ec-16ae-4b94-824d-8c5905bde77f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
39.109.224.42; 39.109.224.42; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
an-x-request-uuid
de6943b5-1070-45cf-82ab-f53b693654fa
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
39.109.224.42; 39.109.224.42; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E4BF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTczMzg4MTM1NDY4Mzc0MA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTczMzg4MTM1NDY4Mzc0MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNXhTfbjFXzXn4zg5i7kAjoQB5pTvqOGG4Mlh4LqDOqbIGn9O7VvnKEMRhxnnkR8msRNisxwmhwERn8fjtjKsQo_FA0rxw
Protocol
H2
Server
64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
an-x-request-uuid
d65afc23-c853-4a57-8799-3a2eec27fd84
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTczMzg4MTM1NDY4Mzc0MA%3D%3D
x-proxy-origin
39.109.224.42; 39.109.224.42; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8B28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
43 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGPnfh_0BMAE&v=APEucNWtUJoGZywPOjyk1SRhsXjNhJ-7ndyMr7Y4-_xVWx110x8QqF8coBHGD0wr0POI8ajolp13CLD-tTqece01NfOi9p99Cg
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3qjLWiW8K2ZHYSuLzVMnkZbSZorEuyxfLm0OCRIR8uglGDcMB8lnRuZeLZxUSCnXg1M9Gx1jMXZoEFzOs2B9uw27PdyxJUWTko55SvEH6eTAudVZjDGwfOOgbZjpaGinLse3S2JYV9sMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827496a99872a03b-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oo8xOUlhrye2BiXpIKk%2BxfW7WUGb%2FogMEUoKC6VxkZ0LnKiBVlCeog8Zpmk2S6TA0wPjY7XrdmIsSDXdXubtQvX0ET4AC78smmEvLeAfgwhpI0mYEe%2BLqmogbnYczHGryFeBoXsfg9ELsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&C=1
cache-control
no-cache
cf-ray
827496a8cfd9a03b-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 8B28
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVbRw2Y0.xdbJmbNjddT8QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGPnfh_0BMAE&v=APEucNWtUJoGZywPOjyk1SRhsXjNhJ-7ndyMr7Y4-_xVWx110x8QqF8coBHGD0wr0POI8ajolp13CLD-tTqece01NfOi9p99Cg
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHQKr04zHOTfvNthDjxK4j6W2prmxTuOTcMM%2FWkhtjx%2F8tGtL1wb5DWc1sKAttnYzLX9Q3K5NcIh%2BawbJG0XG%2Byy03ZZWMIzklU5KOUEE6VIuQldGXCsszoWD3TPYMsdI2OerUaOA6QCoA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827496aa8940a03b-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBQE6DxKO2eD3bskHdeyp0s&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 8B28
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA3BeuVn4lrAwDVLdMERmIM&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
43 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGPnfh_0BMAE&v=APEucNWtUJoGZywPOjyk1SRhsXjNhJ-7ndyMr7Y4-_xVWx110x8QqF8coBHGD0wr0POI8ajolp13CLD-tTqece01NfOi9p99Cg
Protocol
H2
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
an-x-request-uuid
177f7e07-0aac-46cd-a421-a0b5102337cc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
39.109.224.42; 39.109.224.42; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
an-x-request-uuid
0d702a77-638a-4313-a4c4-fcfccad99bf4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA3BeuVn4lrAwDVLdMERmIM%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
39.109.224.42; 39.109.224.42; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8B28
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTczMzg4MTM1NDY4Mzc0MA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTczMzg4MTM1NDY4Mzc0MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrSq4cEEK3MiZgEGPnfh_0BMAE&v=APEucNWtUJoGZywPOjyk1SRhsXjNhJ-7ndyMr7Y4-_xVWx110x8QqF8coBHGD0wr0POI8ajolp13CLD-tTqece01NfOi9p99Cg
Protocol
H2
Server
64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
an-x-request-uuid
d07a754a-0b7e-47d7-b648-bada8b284a80
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI4MTczMzg4MTM1NDY4Mzc0MA%3D%3D
x-proxy-origin
39.109.224.42; 39.109.224.42; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BC7D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bolatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:36:50 GMT
expires
Sat, 16 Nov 2024 02:36:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/13248889957521765018/ Frame 9FB0 		91 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13248889957521765018/index.html?e=69&leftOffset=0&topOffset=0&c=wqf3CJvcPn&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
be9da179cb65bbd5860a4624ebff3a483668ad7d68d6bd85c48ee3ed71a2181b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:36:52 GMT
expires
Sat, 16 Nov 2024 02:36:52 GMT
last-modified
Thu, 02 Nov 2023 02:15:03 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 1FF1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvEZvpRV9O9K1N02oQshW1KzJiuCtZS-H5NAoO536HOcPL-JAzXWS2hPYMqw8YNnBK8BjMpdFjOixjiYkciftw0e8LxWj6gGky4Jfyaffflpz1GXdtD8r9xYK6INc_fF-RTBwtT8x_rnazG9m_X5GknMNMwalVZQvZGqd7JNwnH9PBeQqooWvleKeen_rc3fm2XvQ5tQoNk-OgcSrn4PORxl_U5ncBHriEghIRblfgT8AM5d2YXQPTlWQ-ZUmZYVSrBqnuVhWxEylx0RbPZ34PPDaTHvGw4nwxJWnpC_zr8wZUcsKwSJxfeoPrRSaLbfYJCDFvZEdsI0Zo6-sIFz9RzeBBXcOMpeLMBYazoWtTEsTdEYesutLQjpoJPKhehZO5ABVEkNgIjlc16DWUtUXctyYVK2xrQX8DvHGCUKb8Hf1THIc_hXDSUmX9pv19mvqiXitqkyB_EFdOnyGKu5A5GQNqlL-mvueTGdWXd_VY9hwmCKjWeIQWa4L4bIylVCCL41cNl5vyme2ZWjisjPcZIelBtCIM7vslAfVM8DyY86vufJ_0wrwrdDqLtKLPOuLlw11TOLzdCG0b_hCC5txQ4PjYfOSs1XIqNCwze-QihCyjHAVBtDfHNc1_ZprpaEwSWLM21Sw1KPzCj_bnTsolyiOOtk0y859jRPXn9mMXtzlD91BZ20lUjmwsN8czrSVAtmXmQqCVY-QVIVKP4vHyvgIxp9L-mNkWBNiiSav8_eXbktC1MYuz5x6wiwODYiu8VpN0HLONJiGAvaNH8MnsQFGyYre4-uCAArc1zo6ZTtODCTQ0VDVULjp0m_bwcNiqG3sgHwB0U4vFCQOBDKubFnDgdKHiJe4VLuWfDBGz1DUK4MfUJ651TgV0eFggVgORyt-jodR12-yVLaqoEhSrlq8uhEmzrWY6v4bFP3ec3LEEWTAyHReS1oRU9gd15RrPY15ynJS90SwJNPt54paUTScELn7AvqM5behTtxNfCLVWp83EMr0aDPvkhkHks6WGM7A6xhvjluLdIUQKVUmprQxBVGDs71sUi_jDQ1jqYQ-u6jwb59kNwaMkw4yBsj-33AP1FcQuInxz5Mi_bPLoTQTpFRRjrFTcl9INpxH-7q1Uvq09-hRspeYXWxxGrPDckWgm6AtsgOKJF9do3exeTKIYxLJMTVBgmkIL02joqPFVYUgATLWHc8oSSyIX3U335PvVjbSbaVk49iuQL0htGi8SAJaSaGJDQzWfFwQA4yVZcp3wYmBP_Dtkfg0FHj1fflx4HW58pmEZ7X4cYHvM_-j-R1veMyRDJ_TmSYpQtnHnNiuGTb6yL2R8ZNxAMIQRzJPoSKGeg0Sbtu0V8huW05BzcsLBNRRDDAK1gzV_jicJ1Vn3saa4s7MkkqIiY8fL1iU1Pj71Kq4OGxGcJq0hkpXZj-h3lUsjSgB4B5xw7yGWy5JVpNEydRWU6w8CWeeO8FIZeNd5BcB3a06PCO3NsTxF6zQ&sai=AMfl-YTRrcagcA3aQlJJPm04MyAjap9NJUOxb0JlOoT3yH28pr8iuK_UFzTf3DbJSGAV5-kwkA7OYE3-zijnEvgkpcgPjMWkfYlvV17It5k0dHvIbf0OeTsYAyu5KalNkoWJJluu29NYbCWsPjKE6Idg7-UwFWdtacaMaEjWXg3wOZIqsmA7MQM655rPSDrRRWlECmHp9z-ar3MDAF8FjkdhrNlhMYfTg-kb35OQx3HAUKBWq-601InhsT5ngxH2RYAVFJoQxDWnSa1coAfWrQKLwCLbeIcEC4KjXMHeCsXg4D5YZIPnvzky9Znix5CPMM-1YTjsXQs1urteZKM6PVyNrS3y7FXghFLdjg6fseKZqPd_hT3vnQjR2W8KHCY3pvb2PajBgb-uKO_AZpXHKL5LvbQ6KMDTwjPymktr0wY7-Ce41ldwTeg5fBk4j1d1xGkDwI3o9tGDjMw7474lUvF4wFUnRHMwjMQCNl8DUjf8RjgNnL3Xo48aHY8pKppen7QxmwvTe4k&sig=Cg0ArKJSzM65J5JSAPm3EAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yb3lhbGNhcmliYmVhbi5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=952&cbvp=1&cstd=941&cisv=r20231109.17966&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 17 Nov 2023 02:36:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 38C4 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3474695440923&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 38C4 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3474695440923&version=m202309260101&ct=76&x=1&cor=10700197431386034000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 38C4 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B0Qnmb5e-Kx0nIYNPovXMmq92lIZkL93BgBhTXN6NaEochO3nJrace5HC0n_vV_WG43tZOgK0qpf9V4im-CMEL9WST7JXnWoC8ni4NXLRWu6FZmFgTsX7ov_eZupMvp1usBcla7NN_a5_es-c-riZGI8uKUhC0KNBEXZomTPnrej0Sqvw&dbm_d=AKAmf-BQoaIzIepw9yo5SPFN6IRxE9epp0ROHnVZHm6OOvGaZUcNAvhcEd_LIYOoMlE3lHQkMDspdQ1UtSjLjt9EGtPi6W4Qsn50c7Ggja129XWJxWPZEKXUCtAXzNCD9CAfr8oB6I8Kui5B6fL80Af8Gcp5h4ncVn9AFI3ZE3QUyGwtSLBqJVFrdXRMJIr4X98vvAjWNQPWrdLAQbglKiLGqfK_Or0_HZHI8_6JO3Fvbpx8VH0_-3zznAz608SDpkCiawRZ9PMers2ehLu4VdLwtqQyPxoi_mSy363kGWgDo66iTjbCJXm6YPGAoMDeXJLrYxBoq9FGa2nlo0FUg9QPFiSGycqdAbk8a5G4AliTalpGisg-OPn528BQwbwUiHthOJUKvaxA6synXlm_xnaGQGFwrNznlly588GdaV0iPFYbshABvQTx4ItAj9piyFlhxSaL11uURiFeds-08YzMhyKONRl-xyLKDCimWzc6o9qQ7g1suR0h_h7ACiwvzEfu2or0btjnW3yOAn74qtL8_lfjPhUF9E92K5ay13fOocF-QWoO2Z4Gcq5w5QTAqd4FG28hnzC_QKIG_VExZWv7M6mXDZtHQ_BuBqifOhQY6qwwR5j1qeO6EZL3lyqsFAivfJP6hsvS-NhSietXz9tCy0azR9fw0BsexvypDBUdNuqf4GW9SNgTvsA1ve-jq4kf-OVL-Jp8KoCSWbMWzqlEEztRRoD_4nOQLjaF1fQ2Q9tpXaBf2tOSBBQCt8vruYJ9u3UFmraHl-PWo2kUFKYKE_0e1azf-xak68DI7Xo-ttCjkqbgxisjFJvoM91vx1eZCKaITsL2f_m4WKq-usKHv4e2s0J7XJWMrdGXN5PEDNjgcbxErDVH72b9WNJilV6Y0iFu89mmRBfCPrEAkAp7TB_4oYCD_5Cg1EfhTntOoUb1BPK0S9O9kzqXexltgYvHT35giSkLhJXj2AIxF4i__Fvb8RdTRP68Pc3VnVo53S80a8Q9nD7OLNZwMp9SGmNJ9XkX-3edpsxNbXOiiKHrn34OruD6oCsMFE8klr4Us04E4hwZaytU0SW1T7VoYPNIAnhOFY7ceDRo6yDNAhEpTG25nALUx3-o7cJC85pgW8_wwvGFBahWRplrLkBDDn8nRhpnaMCkQcNr_VwfuOnY7MvibTKlBPHCS4mz6CClQZwURo-DrQDsupAMcUCjNxiQMfiIBVIv87deE6_e4kSzna4VGta1-vNnn4kMhuRm7ypY4eN0lVXYEdefhfeKHSywHFRD7hSwyyo3m0FnNSLg0U18whfrP3ZqfYj7C1kJ2iqqCn1S7ysOExVEH2keH-fljtLCWAtXjVpnbN8r7jWLW5ASVHQRgEI05MvU97XuAZKSuaZ3FGoFoFt38PJ_zrnVUwqkA9GDAwLS1l6Y-I16mSJGxig9Z6NMo1G-i9SBl748qYteXFCPBwBjRMHTyoesUXdczrIMgCgFhUoCTVgn2-eMsgGsbo5zaXCuPSwTiQzmmJqdnH5VCwBEfz0LsBj3Wf7sHT28dFLSm4Oag4T3cJWo77qGNxHTryWZZzH0nZ8Y6c-6Hj92j2j_fienONbCQ5g9pGsWv9cSOUORYpLV6ijRRCKdHBRdNtQYim-eGkLrLUhM12zUquOhYgExIDFdFPp6MITCq1c5NPO1w4uf0RFkARCwdqzeViDxMQ0QGMgTXDVGELbcaeZbTF7tTF7LQ2TfbD4baRD4DsvSuOZGOw1__zAYt8-7bPvjiDRKEM9CFVlndvhvP0oizF4aLGpQQE1EvjBQjSZLUl6q-_NXMMMCSAXOVcBor8nGIdGYBMgNlwflqDUru1xE9OpFyLWIbzx1joWXnByu92Lu4opF0RVUqK-kQUHKHqwGOaK-CSVhFKnoKtD8Kb2T5hOIogUyFDyVeWkWNqP2yAnOHS3FQkda__oKdt7ex_LHUdCSiuaf7kj9JB79aszuN2P7bZxK1Sm7ncpysPMX65e2c5j6BfwadGWGYA-p4av4g8TchUy6vMpFfnSi_C82V-9KXUcdt1-5JuiqY3X4roXj-5_R58Tn4OaUkdaW5gOpviJtegJiE0AqOQNFRnsrMM70uuC443lKx6IvdW0pptVz1M9Og_L8h2T3coNbQrJomAvVzLos-864zVD_wS00wPElUCh6FvmR7q7KcNJkUhMzZDX_TkJ3p76w9SdbkNxxnjmD103K9tdl_lJgVguZXi7uR-2KottYXr3Ji5S3ERYPUyvlfvcc31Bd4SnCbT0dvI-Ap9ZmMcyrhTDM_PX-1O7GNSeoSmYfNYHGwJoyRfv2QFSZ25NFLzQwxF42oSJP4P5yhy_T0yGhU3hMy8dZQeuJbF3HUdg3sGvNJdgIojEL6iDZDPf31pZzXiPdZ8z0hceJZio69TL6hRZp27P5akFfiG_HnNlZmV1LCO53jUuEVjslKW1d1gv7TcAIeJOodOEtrYMaUlQqnlmPYFljE4C2cvo_9lzeQCEzO_0SwCtQeyxhfxjYIDRixJ-nr_GvKaWBTYwObr5uYNxEguVjQDGMhidR678w2InvWbsjZ4rucTfp18CdvqekHrfrTaYZ6DbSEoHNCatwwrYMIlwd6JGMLwYmv4skSIBqbFeA887Y7kOgV-FIB-y7j2a1JnMfSaCT9W1Stwwbd1NZdkqtirR2lvt7EUGj9z1N-VEf4qmmKxhERFooCFD9b2QSbc-BgQkiq8pbWJNH9Ycfbf9OQtM_BM1jUYS64bqtV_BG3kPaxu0tTlxEgiX2BRAmXPcWs8KzZxaFUtVpT1EJTy2okSi0pjbEeeQuUEjD8Cjip4vUTbM-OFFRZO7cAisE_fbUBE0Foe1Rv9i5iAoMsPTspRh1vlXE6YejruATDXqcibD_dfZsQJSlFDJpExaWiJECBnoNIn7KPqnSbdQQWbUwbLlFS9sLuAsDWsEwIdT4ARWgTaD2I90nGLEPL-yXx7XD91J_lv8M2JaQRjgH_Fxa9GTZsdVPj1kSIMiEYikYUY6ry4dPXp_hlg_uypKfJMENio-std17ibAU93_zSPZyhiOnw02fAf00FYYaza9XOEBKFhsFUAn-qbdMciV-zlApgHkbU4bjk1LaBit4gWeozGcqQCk14WyoDgw-JRv_K0o3pu4eRo13lgdMnLHmepqp1OcdRKUTYUKJyQ4QX48hZNQv22pJ--f4MqYB8XyH4umtFB8Ek2Z6wuHRU73zbVghA3iWK0pPoPRNkap7lWC4wkyOscGmS4FH6mQu-5o1KYCjuYE457VkvsvmowA5d0yRrFYo3009aXs56q3vX2HJxqFLaVAK6Jpa8PtfxGcBnK57Y3km26t7_vHrd9Zym-Qfv8s6QwyYSQMewyZUCytHYRn79pknes6TEAeP-rW1rExqIv58ev77MnZGxXcFGE4AnJ6Qw0Eyxzx-ebBLWuEQjVyRzfJsGLjtD6hL1FuEhCBako-MyMdRbwaJPorUsLoECEi9sYMFmOZ0pbmQTDRQ5Hq6s-jtz5EVl5_jMw13Wg7EKldE6riSfXva_9T2Or0_DelEYV_QWXESDXHazcBp1dr2-TsXq77tJgJdxQIVIoOPSrTayPrFKvjSXdTNe64YtfcvL7VRhv1qKhjtEptCh1coxuHNkUPYMftn116uheTFz0BdBuGp0SmjCyA2cVYYysFPp11qjbgR81xXRiQmTeWqu1LTaLD44LeDgsFsMiXcvxcg9NqVOl5rq1g6oH0SWvD7NwIdJoRfuopM7mM7HHnR56Ni-kq91g2jBombDbz_BZa2dIDJhNkxgKFuKgPYFFBwFYbAdZDML4rW2SMoFQg7EgWDDa6oCYWKwgHxNgAUSsSnGctqWtyvJey4u5EsX7E1XiELHj5DOFDywYOxytt0iZkQ_VCa1sw_bwhTtvYtSD_ycgv0fyTecKMqDIupV4TmqvOmj9wszwA&cid=CAQSTgDICaaNBZQXnmM_Wfave3NHroK20JJlF2D1uDaVvOwexvIfWf3BbY9vpJ9J3fBxIsAqf6vD7KtLQRGD7IFHb3bOOe0r6nWK6Tnx7-YLIBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bolatimes.com%2F&ds=l&xdt=1&iif=1&cor=10700197431386034000&adk=2228999115&idt=877&cac=0&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
90bc689a417cac3fa039c53b51572942e1263a8a2c5d722722cd039b7c420330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38950
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/9615721082864171147/ Frame 8446 		107 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9615721082864171147/index.html?e=69&leftOffset=0&topOffset=0&c=QrNF7Pkd6E&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
4792c402d2165a6cde3640d3b9090993bfc447b8639881fae73c753ec64888b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:36:52 GMT
expires
Sat, 16 Nov 2024 02:36:52 GMT
last-modified
Thu, 09 Nov 2023 00:47:53 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 3612 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvoITHqRzz-e-W7l2AiQhSzKtebUezbLZLk4y1KBqDr-xN3EHgNxn96JImh3fBsvAbf6A7Hb2o6EwtbQRDMOVdWQEiGWl64I2poSL_I73K1xgVwdo2k8yxGfg93nVKMutjdOOaWTtSJGgXMUivqnGBlrvHUdBib45C_oKYsNitkWShPqYC7kQG479eyJkyW_e3M0g6uFW6ehnbpoHpwQOuXETEN67eo7JDrOeGMZIqgT_y4XEOQUGgGp01G_tauJGCpkRImm-AopgazDXDhVBN-ynBrHDKFNjgMgvZNIz6wWJ4YvjCFUZsTTUX0Mm7dmuCkfghB-yfjSo9D-MyXR7LtrMAvWbvDverFuI5xZ0r6t9i55woNF5a_WSe2maqhvh4sdoT9WG8ZtcYZH_esTQno39CH035Iuw0zMmfp-myHORPsh0FR3n-TQrShRDJe-WW1wamcGtkrN9gnnefbRp0O0ykfefR5kVcPzm2_Dxp3ZK7qvnQmzXaDtmeTeTbPezn5o1RNpmZd1S7yR7-upIkgp0XK4JnmkSLqnBiZDlWNziOosJNB5NcLZGgK6sPixh0L9xKeFmrbL57WRbbu1L8qav9HFLE-4Rw2K0i_UjQpC2RGZK3E-KxahvAupl9MI1IQ33ZjkIsSBYQLbAUqPFouBkPZiRF8_LqXe9cNc3eA5efeQVfqOzaEznJJ3nER74f01KSQMt8s24TA_0gRs_LQAMbq8RRIRXVxmdzOSPy7rXVbzTuyhfCr1JlNsmLqbILjpcRD1l4J6JHFdfP2bhPJOyTYbScOwDcuoQUJ7ItlQo6mbTPh4mPlQWW8rIe6DmHrNQyMxLQGlcgtFB8salaElkRPuFFvzPHlTvZBvkXFGCMVF8ewovc9Ub-ehI_d8rlVX3-_I13s6PTfbhgaGW3r8jCf2-h4MTimJBCphvQH8MI9-IAyh688T4YfGQ0hxZeyoWZIkTSSCrTPrlvpkAYjoqk9KIwpmEiNGUw4HzER-34TNJX-8PLwq-X_oPwzzF5iL3LM9KEPJz2mYbZElEMTWkNTxmKpNeGJYduYKdPYIrFxIE3YO3rVxgLn2llYgUUYa5MWkJjTHMjjUt-Cem2ghLwegMKD102a4VMj5oHCBfpcHj1d1lk_Fa7TMv528KH-syT_xni_O2VcwnQ5q7L3piioPSJcX7Ne0g1WMIxeFLWBUamY0tYM1xlcayPe4aKCO7ccJwlGIkrFyVD2AZMziLtA2RZqVFNRmVReuNA8n_uZWnRpE7_4rujoQPL7QlufHPzaoI3ISUE6Hh63Cv_YLnMlihHyRuhUQ7aWbcE9ouFACY6QhnT-XAbWFgav79mtvPtlZNOxkON0tMzIqxygi_DnrNmz-OuW2Qn5tuijO3IYe0_tNzGQiQHybZlI3EQSCNQsxrAdketwTOGevoaTApVEXAmBpom2_XQWPndw57lmUNPssGVkH5lS9-_wwtZlxUVFFCgqoGfT89sfqcX4TTHy&sai=AMfl-YQ5ztFHvJJI9nCyIZU18FpE1IRDkziMX9QSj1MmXGlpng14QNrqQnQYCehKB2ppv6SyrXu1QM91XzSJGdNXQpJwrMvYjGRBoliyWREUMeL5gHMoNiXaEiI6F3V9CziPt_h49qykZtSrlXxWiSIUTGlAl7_j0UvYDXKwaJ56Jk5zLmuEMuYvz25seOjXmV8Qp8gM15dnddxoU5FcUYzcEUvUQ6lkmsaa6-e1F-A1UZbsJvIuwwrndFzMr1sklqgldLwmsVzVIamUYqRhoIc-s1tINz7yMjE0-MTDRWJaM_gDipH_1Ky6JVoo4Q7GMxhv7f4uL6xLXBqfOYunAsGSEvBMp3eVwTeZkBVOF6UVXHIeGqdKZmptuFNUrAaO-R7gxyqbEh4oiG8FcfCqpT3_2ZqqyTTEtaXi2dCeEI4skpz34cGvIr7sxRHPxA8Pu0T8-xIg_bVtYxuY-4hNos8W7D9PXdvUyBN43GVN2aQZfSfuMWeRRQ_GhUC9Kw1CyimC-C2pTKY&sig=Cg0ArKJSzGGIhe5HKycIEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yb3lhbGNhcmliYmVhbi5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1031&cbvp=1&cstd=1023&cisv=r20231109.45744&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 17 Nov 2023 02:36:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/13265726895353787564/ Frame 949D 		91 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=wJ1CSJ6MIU&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
615eb4546009b44f342dea2bcd5eaddbf5c65268902a415e963eacc495494fb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:36:52 GMT
expires
Sat, 16 Nov 2024 02:36:52 GMT
last-modified
Thu, 02 Nov 2023 02:15:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 9562 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssY9RiBF0SCKoDjHQno2nhWsX1ZKOKGfJN9LKDadHk_HqBXYtDVnZUV2_Zo5M7s1RPAkxNbcPbGeEOT6iUR2FZ0zigQlcFltCDZabl_Rh1UZcRIiGtXqZHWpsxFVCD0CKxULqerPWubcfL17i0zJZP35BdUpE78OpPxZ0eJzXsLLhx8noBle6z6yGg1CZuOZINDNGakVJOjBtWcmebDNy3ubXALXzXagbZyNpxjc-plm2Q_g869_Y9CbQLpkpgufuNLQvX4_ehlEfkzpHELucNSHMfFTEP1JrgrwJAACQ3LX0DTwckEqDlv78e-YK9e8X1xEFaQ8odaoLImprpfusYtLlJY50rEyHFWrfg-wLmrpxZiwRn-3fTPtf_ZgeJNlVs1ypw28HGHwUwsHuNdnci76HVOXbZF9uSp8SVUHm8nvvNZWHlC_Hq1cs1RARotT7Jtp-SFxXaGOF9zdoxJUQXZVynrYXdYFlYiTHlrPhsXu6zS9OsTng8HCFNyVcu7QiFTIKZQeE4a0fqTLoFLfJCfumqUGQ3tZwBb0fmesWa3TzkX-2QVzUJY0P-mq4qtihCsh-CADAerhvnnBCQUuroEyqj3FAN9GEwfHcmrTePwStD8Yio4tQkeX1Poe8XCubFandTF1ecmNsA08ydXuCM6NCb3K6m7O6CzaU8xoZCs4TzReqJDSYV_4JKk91IB43TFe7BRr5BYaQ4YA3aMVsEPiANXZNVQXI__9kZH1Sli5X5XlFk2Qev336pnqChglXaEtoEGWzBkUOuxIXFRbM2iO84KmpGr-1aH2j5qcHcQkdDlYX3uoK3V52KsZ6YFZYmdE8NCS5fPoV5qanHv6Cwik6MeHeY21baElvuj5TRFmEk9PZ85UsUqLvj2N21Y_jvfk3aDt3oANUSVOhOF1iUN1AvL-v74SCJLrpxQothRabSlee1mT6c5y_lrkWyJ6yWoJsK73qmVjCYohOiaaaFzwVAthSFG5BA5J5lyexx5hyrxmqfWMKEw2Ytd7fMDFWyUoKVT3vydibgo8e_6FZ9hYhJS3HtX8u1K5ecoud1CEPj7WmuEUi0tjdQr6XZjB6AKvDiiKmTLt9XZ8MdOeI3Oc2dJG1m_Em_W7TfWIzkK-dEick-jOyg-6RAUoaI_nsqgmrLZXRd69r2Iq8N4TBwtmBz9UR5ZY8ks_VeO2hwGLkzVSl5HDBUEpeQ4nW1HXvDAj9O5D_yAqE-VI6yPAuN6HNi6XPU4eu_GA06yAx5ZCh22A-YTdmccef6LxdwK6rMtJ1Ac0pA00Fd_Fdrn-fUydyPeyaCKAom_8ANy1er0vE0AHUewHIb4pyNXRyhZfPPDzuUyXH_D14Y0h98Spjy_38FT4jrDt8SMQe6Ii36EfXJV-otKycDyHqciO2GgBy1Bz3rAhTUxSNMZSn6c8dNvr-S3ulLkmhXYFfI2MIfw5mqz7pFN2C5cBjVuPeAoLm6zkpnu74CZhU3RxtjeeG2K1ofS7A&sai=AMfl-YRprk5hkWTH8TVHl1rG0V0Eu4K-fei6uJW7XSNYsB0ogW9EeQl2yeQemUZ80_nmcKoaarGd7PFDDWUKV5StY0IY65zVuZLf0oJDoL0GcV9sWEh_IGwZ4wK0XLfsyxAEReIXC_S5O9iWlOGUsdaWTiPRV7ybkXpxjED7M-Sxdwpsm74Z98KmZZxaVXFoFSMJqnQO77sskafYQFUhTKyrWc7HQvJpKUM9eGs9BANgPm6HCj2ZtTshIPahlbHnzoXK-4UmXguNc11CHhtmChiJAdb85prGKpg6howjQ631dfPdNEGNu6X1OBK1aXJnUhvMaK51g2vXNE6KmEDTpD6rZ1TJMEOK-fIBLMR6l_MHJBJK-6vRH8wN9QHk3V5xRlxze13AS9Hc1MYG5wZG73w_JGtabdYBmqvsylsW7SqiCy9ptBGh2zTplu4IuDQZWZ9imv3jnMbqqzjNNYFwFbRRDx7ChkaTkwXEo-hgqQVCjNPEWmQtMLOphvVf4yMGG5HmeMCRngc&sig=Cg0ArKJSzGM7cVJb80JdEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yb3lhbGNhcmliYmVhbi5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1032&cbvp=1&cstd=1025&cisv=r20231109.24175&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 17 Nov 2023 02:36:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/13265726895353787564/ Frame A3AE 		91 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=Oih8PdIIYT&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
615eb4546009b44f342dea2bcd5eaddbf5c65268902a415e963eacc495494fb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:36:52 GMT
expires
Sat, 16 Nov 2024 02:36:52 GMT
last-modified
Thu, 02 Nov 2023 02:15:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame ED6D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsv-hbglb489K9JtdjW5vJobFV0lr5H8ASPDCA6P5j31Cb4UpaT43NwSn3oF7hpf_hsMElUbFkFwT3q4CMVvkyBlkTLgSti-87Y18cvFb9g0Royrlbxz4BCYNs9wW3oyOAm9ABq7tz5rCaXm70GY2CryGbzTh27usjUI9kuSybVPM4WZXfnqkXSQi4vYts4fB8F5hhqKa69x0DwJDb1VNztWSFsBFJCHTr-d4R5kJOXLtuAmcloGk2saNxIsnKPoOiv5ltV3Q6KKpaa4OpRvnfltuv0YNs8WEJDZkva0Llqvd_KQmxAwLEPS51F5yr4S4P491UaJBDfsZ2KM5mQs-sMEKT3P5VOUqce_Xhfg-9bmkeRs4TQ75binELyj1SEF2Of6X4PTuYD_4_ow6euyRm7nk_ZkGIKvtmsi-qNIimTjCwPmlzpXcwqiMFlkNiu4nwOR2mxZkxsKTcO8O8S24GDa9Wb0lDpli7BCLlF7-S-pdhTukR2J6_PbQ_mmVpgYji7nE4J1JhVk-wYVPQeQzADlfLkS572xe-iJ6iqdAMfgIxI_VWDAxzttUWrcuwsASRMvPdqX9t5JY6p1Gygov9_-h4hiXTqx_hxFYMD8dQ_Siv7ygMrT0dFOx_1A-MXXMMyL5kSpWUbX1pRjjLcaGt4Y9JfOMdJ6EomE93RlBjtoO-vfsKDX7lQwH68z0tMyYdw9Iz7MBIln9HQbFT7G5OqHEwUKMsL5E_iNDZINiAV9cmj-c7MUMEZVIxitjnDW7TlMl_fmRUeMkMHNZO0aP3SCWYkcdEcNFac2tret441mjMjhiphAmoa1b5AKaP0RBZicY7crjyM3XijPb24OoRKusdmBVzUUraUHrvsS-U4kPEq_gUmxNzjjr5LjHSqDnXUJ0pCuuewaX7ofq0Itq8sSRaDSXJoV_AOvY7TVKFflJrmmDjeXAzvrVjPmNlwGdB9NzGJvnZTXGgCGYhlorK7viClbCxXE-LZUNjZqsNGrgTaB8IRCZvJpoJcUqEvQu6K6kRWQ87AxfKzyGodY2K8Jllo5UsBUg9xzbXLOTcXTkzOTMvAPjFMkhdDQRdRcqAp6s82eLK0lI3pQx8QSsU9eoSfESFWLRRxSsn6Tg9J4YcFzHjVYKbzcAobl7eUoNM6TLNq2k46gbcKg789BGb4sRdjppSjMikIAtRxIIulpDd9jGnKrnt90kKeQuaiKvFn7ti_kDiKCyC0624u9LV2weczKFdTdWYNhqvvxUXbyQtESH9x6IwrphQtNWpslHK6DcVGCGQsKAZb0FjJdZ4krLx_7f-UeUwiS6l487n14cpHiA9HKwNYFnoofDcd0wUGujrsyhlEUTLxh9Nx9tUQrNf9OnANCZer2JCGX1z69WdQx3GLYfW92eEzaFepDUV_4JyQhRUH6eaM5y_wUfglNX2FHMjYw5ZVjJqHDuD8HDOVRM5OBkxvtpkJ3z8JEAfkrLJHUQ3JN8pW1mXJzH_zZUyhx1A&sai=AMfl-YRCbnesKvFai7QKSHL_fPBYLgiKCF71SMryrjmrzJ-6FwF7_Jkd4Y6Gpw0feRhwg67oXSZF1IPOctIPw_Bq7Y2s7MU2PkkxzyGtdE0_ia3JGJT8T_lh6vVi6vfSpdWUIOaW9G3kJIg1WAXgBy-xB2Xipo_Wm-4bywpurHWA1qgGdnXcrF5vPhHjbi3Ox58mEfZK4CtyzXhWnfUkW_h39ow3cSGkzIJf6gH3f6poytxLSBT6un7W3HbMxMU0VDaO42fHpCxx-nGzC4vdNEvsdRJ-ITbcJV3z729OGbWbICeoIAycsrtE-ngsC6Gy4QZ-o44VAYGA8agE_lKFcECQS7wzF7lzRilhFYGMZB5Ilst_x42oS8Wa_mcehttlTeafFeVxCOSAgtoC_hOzPAZNuUasRS2tbTrYrandMJcY_ldGQrW6gotnUUqfGENEzFxLeVPfeK0VMsdvfOmhF6tfTlXJNE0-zyyv1e14Ryrn2BpNa9nsVA9l5dbj354A-j2W18a7Cow&sig=Cg0ArKJSzHho8rYGfZoSEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yb3lhbGNhcmliYmVhbi5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1031&cbvp=1&cstd=1024&cisv=r20231109.44786&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 17 Nov 2023 02:36:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
css2
fonts.googleapis.com/ Frame BC7D 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 02:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 00:41:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 02:36:51 GMT
widget.js
widgets.outbrain.com/n2d/widget/ Frame EAC4 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.1.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-119.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 17 Nov 2023 02:36:52 GMT
content-encoding
gzip
content-length
11833
last-modified
Tue, 22 Aug 2023 10:30:48 GMT
server
AkamaiNetStorage
etag
"6a7ff93f96fd30914785c7c30706bf6a:1692700788.526954"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 17 Nov 2023 06:36:52 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame EAC4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:42:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
28477
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 18:42:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame EAC4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:58:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
70673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 06:58:58 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EAC4 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:05:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
145858
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Nov 2024 10:05:53 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame EAC4 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:36:51 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame BC7D 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 02:47:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
85743
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 02:47:48 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 0B25 		484 B
724 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
fe66cb7fbf8161bc2df338358bed1cbf07d6d3864a897dc25941c8ccaab248e8

Request headers

Referer
https://www.bolatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
308
content-type
text/html
date
Fri, 17 Nov 2023 02:36:52 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
json
gum.criteo.com/sid/ Frame E5BD 		425 B
551 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=bolatimes.com&sn=ChromeSyncframe&so=0&topUrl=www.bolatimes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bolatimes.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
414fd180e1a3dc5850da54a3f7afe18bb0324618511c00ae9a48178d8ae14657
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bolatimes.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:51 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1383663
expires
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 38C4 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Origin
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 09:01:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63297
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 09:01:54 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 38C4 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B0Qnmb5e-Kx0nIYNPovXMmq92lIZkL93BgBhTXN6NaEochO3nJrace5HC0n_vV_WG43tZOgK0qpf9V4im-CMEL9WST7JXnWoC8ni4NXLRWu6FZmFgTsX7ov_eZupMvp1usBcla7NN_a5_es-c-riZGI8uKUhC0KNBEXZomTPnrej0Sqvw&dbm_d=AKAmf-BQoaIzIepw9yo5SPFN6IRxE9epp0ROHnVZHm6OOvGaZUcNAvhcEd_LIYOoMlE3lHQkMDspdQ1UtSjLjt9EGtPi6W4Qsn50c7Ggja129XWJxWPZEKXUCtAXzNCD9CAfr8oB6I8Kui5B6fL80Af8Gcp5h4ncVn9AFI3ZE3QUyGwtSLBqJVFrdXRMJIr4X98vvAjWNQPWrdLAQbglKiLGqfK_Or0_HZHI8_6JO3Fvbpx8VH0_-3zznAz608SDpkCiawRZ9PMers2ehLu4VdLwtqQyPxoi_mSy363kGWgDo66iTjbCJXm6YPGAoMDeXJLrYxBoq9FGa2nlo0FUg9QPFiSGycqdAbk8a5G4AliTalpGisg-OPn528BQwbwUiHthOJUKvaxA6synXlm_xnaGQGFwrNznlly588GdaV0iPFYbshABvQTx4ItAj9piyFlhxSaL11uURiFeds-08YzMhyKONRl-xyLKDCimWzc6o9qQ7g1suR0h_h7ACiwvzEfu2or0btjnW3yOAn74qtL8_lfjPhUF9E92K5ay13fOocF-QWoO2Z4Gcq5w5QTAqd4FG28hnzC_QKIG_VExZWv7M6mXDZtHQ_BuBqifOhQY6qwwR5j1qeO6EZL3lyqsFAivfJP6hsvS-NhSietXz9tCy0azR9fw0BsexvypDBUdNuqf4GW9SNgTvsA1ve-jq4kf-OVL-Jp8KoCSWbMWzqlEEztRRoD_4nOQLjaF1fQ2Q9tpXaBf2tOSBBQCt8vruYJ9u3UFmraHl-PWo2kUFKYKE_0e1azf-xak68DI7Xo-ttCjkqbgxisjFJvoM91vx1eZCKaITsL2f_m4WKq-usKHv4e2s0J7XJWMrdGXN5PEDNjgcbxErDVH72b9WNJilV6Y0iFu89mmRBfCPrEAkAp7TB_4oYCD_5Cg1EfhTntOoUb1BPK0S9O9kzqXexltgYvHT35giSkLhJXj2AIxF4i__Fvb8RdTRP68Pc3VnVo53S80a8Q9nD7OLNZwMp9SGmNJ9XkX-3edpsxNbXOiiKHrn34OruD6oCsMFE8klr4Us04E4hwZaytU0SW1T7VoYPNIAnhOFY7ceDRo6yDNAhEpTG25nALUx3-o7cJC85pgW8_wwvGFBahWRplrLkBDDn8nRhpnaMCkQcNr_VwfuOnY7MvibTKlBPHCS4mz6CClQZwURo-DrQDsupAMcUCjNxiQMfiIBVIv87deE6_e4kSzna4VGta1-vNnn4kMhuRm7ypY4eN0lVXYEdefhfeKHSywHFRD7hSwyyo3m0FnNSLg0U18whfrP3ZqfYj7C1kJ2iqqCn1S7ysOExVEH2keH-fljtLCWAtXjVpnbN8r7jWLW5ASVHQRgEI05MvU97XuAZKSuaZ3FGoFoFt38PJ_zrnVUwqkA9GDAwLS1l6Y-I16mSJGxig9Z6NMo1G-i9SBl748qYteXFCPBwBjRMHTyoesUXdczrIMgCgFhUoCTVgn2-eMsgGsbo5zaXCuPSwTiQzmmJqdnH5VCwBEfz0LsBj3Wf7sHT28dFLSm4Oag4T3cJWo77qGNxHTryWZZzH0nZ8Y6c-6Hj92j2j_fienONbCQ5g9pGsWv9cSOUORYpLV6ijRRCKdHBRdNtQYim-eGkLrLUhM12zUquOhYgExIDFdFPp6MITCq1c5NPO1w4uf0RFkARCwdqzeViDxMQ0QGMgTXDVGELbcaeZbTF7tTF7LQ2TfbD4baRD4DsvSuOZGOw1__zAYt8-7bPvjiDRKEM9CFVlndvhvP0oizF4aLGpQQE1EvjBQjSZLUl6q-_NXMMMCSAXOVcBor8nGIdGYBMgNlwflqDUru1xE9OpFyLWIbzx1joWXnByu92Lu4opF0RVUqK-kQUHKHqwGOaK-CSVhFKnoKtD8Kb2T5hOIogUyFDyVeWkWNqP2yAnOHS3FQkda__oKdt7ex_LHUdCSiuaf7kj9JB79aszuN2P7bZxK1Sm7ncpysPMX65e2c5j6BfwadGWGYA-p4av4g8TchUy6vMpFfnSi_C82V-9KXUcdt1-5JuiqY3X4roXj-5_R58Tn4OaUkdaW5gOpviJtegJiE0AqOQNFRnsrMM70uuC443lKx6IvdW0pptVz1M9Og_L8h2T3coNbQrJomAvVzLos-864zVD_wS00wPElUCh6FvmR7q7KcNJkUhMzZDX_TkJ3p76w9SdbkNxxnjmD103K9tdl_lJgVguZXi7uR-2KottYXr3Ji5S3ERYPUyvlfvcc31Bd4SnCbT0dvI-Ap9ZmMcyrhTDM_PX-1O7GNSeoSmYfNYHGwJoyRfv2QFSZ25NFLzQwxF42oSJP4P5yhy_T0yGhU3hMy8dZQeuJbF3HUdg3sGvNJdgIojEL6iDZDPf31pZzXiPdZ8z0hceJZio69TL6hRZp27P5akFfiG_HnNlZmV1LCO53jUuEVjslKW1d1gv7TcAIeJOodOEtrYMaUlQqnlmPYFljE4C2cvo_9lzeQCEzO_0SwCtQeyxhfxjYIDRixJ-nr_GvKaWBTYwObr5uYNxEguVjQDGMhidR678w2InvWbsjZ4rucTfp18CdvqekHrfrTaYZ6DbSEoHNCatwwrYMIlwd6JGMLwYmv4skSIBqbFeA887Y7kOgV-FIB-y7j2a1JnMfSaCT9W1Stwwbd1NZdkqtirR2lvt7EUGj9z1N-VEf4qmmKxhERFooCFD9b2QSbc-BgQkiq8pbWJNH9Ycfbf9OQtM_BM1jUYS64bqtV_BG3kPaxu0tTlxEgiX2BRAmXPcWs8KzZxaFUtVpT1EJTy2okSi0pjbEeeQuUEjD8Cjip4vUTbM-OFFRZO7cAisE_fbUBE0Foe1Rv9i5iAoMsPTspRh1vlXE6YejruATDXqcibD_dfZsQJSlFDJpExaWiJECBnoNIn7KPqnSbdQQWbUwbLlFS9sLuAsDWsEwIdT4ARWgTaD2I90nGLEPL-yXx7XD91J_lv8M2JaQRjgH_Fxa9GTZsdVPj1kSIMiEYikYUY6ry4dPXp_hlg_uypKfJMENio-std17ibAU93_zSPZyhiOnw02fAf00FYYaza9XOEBKFhsFUAn-qbdMciV-zlApgHkbU4bjk1LaBit4gWeozGcqQCk14WyoDgw-JRv_K0o3pu4eRo13lgdMnLHmepqp1OcdRKUTYUKJyQ4QX48hZNQv22pJ--f4MqYB8XyH4umtFB8Ek2Z6wuHRU73zbVghA3iWK0pPoPRNkap7lWC4wkyOscGmS4FH6mQu-5o1KYCjuYE457VkvsvmowA5d0yRrFYo3009aXs56q3vX2HJxqFLaVAK6Jpa8PtfxGcBnK57Y3km26t7_vHrd9Zym-Qfv8s6QwyYSQMewyZUCytHYRn79pknes6TEAeP-rW1rExqIv58ev77MnZGxXcFGE4AnJ6Qw0Eyxzx-ebBLWuEQjVyRzfJsGLjtD6hL1FuEhCBako-MyMdRbwaJPorUsLoECEi9sYMFmOZ0pbmQTDRQ5Hq6s-jtz5EVl5_jMw13Wg7EKldE6riSfXva_9T2Or0_DelEYV_QWXESDXHazcBp1dr2-TsXq77tJgJdxQIVIoOPSrTayPrFKvjSXdTNe64YtfcvL7VRhv1qKhjtEptCh1coxuHNkUPYMftn116uheTFz0BdBuGp0SmjCyA2cVYYysFPp11qjbgR81xXRiQmTeWqu1LTaLD44LeDgsFsMiXcvxcg9NqVOl5rq1g6oH0SWvD7NwIdJoRfuopM7mM7HHnR56Ni-kq91g2jBombDbz_BZa2dIDJhNkxgKFuKgPYFFBwFYbAdZDML4rW2SMoFQg7EgWDDa6oCYWKwgHxNgAUSsSnGctqWtyvJey4u5EsX7E1XiELHj5DOFDywYOxytt0iZkQ_VCa1sw_bwhTtvYtSD_ycgv0fyTecKMqDIupV4TmqvOmj9wszwA&cid=CAQSTgDICaaNBZQXnmM_Wfave3NHroK20JJlF2D1uDaVvOwexvIfWf3BbY9vpJ9J3fBxIsAqf6vD7KtLQRGD7IFHb3bOOe0r6nWK6Tnx7-YLIBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bolatimes.com%2F&ds=l&xdt=1&iif=1&cor=10700197431386034000&adk=2228999115&idt=877&cac=0&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 07:02:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
70441
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 07:02:50 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 38C4 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B0Qnmb5e-Kx0nIYNPovXMmq92lIZkL93BgBhTXN6NaEochO3nJrace5HC0n_vV_WG43tZOgK0qpf9V4im-CMEL9WST7JXnWoC8ni4NXLRWu6FZmFgTsX7ov_eZupMvp1usBcla7NN_a5_es-c-riZGI8uKUhC0KNBEXZomTPnrej0Sqvw&dbm_d=AKAmf-BQoaIzIepw9yo5SPFN6IRxE9epp0ROHnVZHm6OOvGaZUcNAvhcEd_LIYOoMlE3lHQkMDspdQ1UtSjLjt9EGtPi6W4Qsn50c7Ggja129XWJxWPZEKXUCtAXzNCD9CAfr8oB6I8Kui5B6fL80Af8Gcp5h4ncVn9AFI3ZE3QUyGwtSLBqJVFrdXRMJIr4X98vvAjWNQPWrdLAQbglKiLGqfK_Or0_HZHI8_6JO3Fvbpx8VH0_-3zznAz608SDpkCiawRZ9PMers2ehLu4VdLwtqQyPxoi_mSy363kGWgDo66iTjbCJXm6YPGAoMDeXJLrYxBoq9FGa2nlo0FUg9QPFiSGycqdAbk8a5G4AliTalpGisg-OPn528BQwbwUiHthOJUKvaxA6synXlm_xnaGQGFwrNznlly588GdaV0iPFYbshABvQTx4ItAj9piyFlhxSaL11uURiFeds-08YzMhyKONRl-xyLKDCimWzc6o9qQ7g1suR0h_h7ACiwvzEfu2or0btjnW3yOAn74qtL8_lfjPhUF9E92K5ay13fOocF-QWoO2Z4Gcq5w5QTAqd4FG28hnzC_QKIG_VExZWv7M6mXDZtHQ_BuBqifOhQY6qwwR5j1qeO6EZL3lyqsFAivfJP6hsvS-NhSietXz9tCy0azR9fw0BsexvypDBUdNuqf4GW9SNgTvsA1ve-jq4kf-OVL-Jp8KoCSWbMWzqlEEztRRoD_4nOQLjaF1fQ2Q9tpXaBf2tOSBBQCt8vruYJ9u3UFmraHl-PWo2kUFKYKE_0e1azf-xak68DI7Xo-ttCjkqbgxisjFJvoM91vx1eZCKaITsL2f_m4WKq-usKHv4e2s0J7XJWMrdGXN5PEDNjgcbxErDVH72b9WNJilV6Y0iFu89mmRBfCPrEAkAp7TB_4oYCD_5Cg1EfhTntOoUb1BPK0S9O9kzqXexltgYvHT35giSkLhJXj2AIxF4i__Fvb8RdTRP68Pc3VnVo53S80a8Q9nD7OLNZwMp9SGmNJ9XkX-3edpsxNbXOiiKHrn34OruD6oCsMFE8klr4Us04E4hwZaytU0SW1T7VoYPNIAnhOFY7ceDRo6yDNAhEpTG25nALUx3-o7cJC85pgW8_wwvGFBahWRplrLkBDDn8nRhpnaMCkQcNr_VwfuOnY7MvibTKlBPHCS4mz6CClQZwURo-DrQDsupAMcUCjNxiQMfiIBVIv87deE6_e4kSzna4VGta1-vNnn4kMhuRm7ypY4eN0lVXYEdefhfeKHSywHFRD7hSwyyo3m0FnNSLg0U18whfrP3ZqfYj7C1kJ2iqqCn1S7ysOExVEH2keH-fljtLCWAtXjVpnbN8r7jWLW5ASVHQRgEI05MvU97XuAZKSuaZ3FGoFoFt38PJ_zrnVUwqkA9GDAwLS1l6Y-I16mSJGxig9Z6NMo1G-i9SBl748qYteXFCPBwBjRMHTyoesUXdczrIMgCgFhUoCTVgn2-eMsgGsbo5zaXCuPSwTiQzmmJqdnH5VCwBEfz0LsBj3Wf7sHT28dFLSm4Oag4T3cJWo77qGNxHTryWZZzH0nZ8Y6c-6Hj92j2j_fienONbCQ5g9pGsWv9cSOUORYpLV6ijRRCKdHBRdNtQYim-eGkLrLUhM12zUquOhYgExIDFdFPp6MITCq1c5NPO1w4uf0RFkARCwdqzeViDxMQ0QGMgTXDVGELbcaeZbTF7tTF7LQ2TfbD4baRD4DsvSuOZGOw1__zAYt8-7bPvjiDRKEM9CFVlndvhvP0oizF4aLGpQQE1EvjBQjSZLUl6q-_NXMMMCSAXOVcBor8nGIdGYBMgNlwflqDUru1xE9OpFyLWIbzx1joWXnByu92Lu4opF0RVUqK-kQUHKHqwGOaK-CSVhFKnoKtD8Kb2T5hOIogUyFDyVeWkWNqP2yAnOHS3FQkda__oKdt7ex_LHUdCSiuaf7kj9JB79aszuN2P7bZxK1Sm7ncpysPMX65e2c5j6BfwadGWGYA-p4av4g8TchUy6vMpFfnSi_C82V-9KXUcdt1-5JuiqY3X4roXj-5_R58Tn4OaUkdaW5gOpviJtegJiE0AqOQNFRnsrMM70uuC443lKx6IvdW0pptVz1M9Og_L8h2T3coNbQrJomAvVzLos-864zVD_wS00wPElUCh6FvmR7q7KcNJkUhMzZDX_TkJ3p76w9SdbkNxxnjmD103K9tdl_lJgVguZXi7uR-2KottYXr3Ji5S3ERYPUyvlfvcc31Bd4SnCbT0dvI-Ap9ZmMcyrhTDM_PX-1O7GNSeoSmYfNYHGwJoyRfv2QFSZ25NFLzQwxF42oSJP4P5yhy_T0yGhU3hMy8dZQeuJbF3HUdg3sGvNJdgIojEL6iDZDPf31pZzXiPdZ8z0hceJZio69TL6hRZp27P5akFfiG_HnNlZmV1LCO53jUuEVjslKW1d1gv7TcAIeJOodOEtrYMaUlQqnlmPYFljE4C2cvo_9lzeQCEzO_0SwCtQeyxhfxjYIDRixJ-nr_GvKaWBTYwObr5uYNxEguVjQDGMhidR678w2InvWbsjZ4rucTfp18CdvqekHrfrTaYZ6DbSEoHNCatwwrYMIlwd6JGMLwYmv4skSIBqbFeA887Y7kOgV-FIB-y7j2a1JnMfSaCT9W1Stwwbd1NZdkqtirR2lvt7EUGj9z1N-VEf4qmmKxhERFooCFD9b2QSbc-BgQkiq8pbWJNH9Ycfbf9OQtM_BM1jUYS64bqtV_BG3kPaxu0tTlxEgiX2BRAmXPcWs8KzZxaFUtVpT1EJTy2okSi0pjbEeeQuUEjD8Cjip4vUTbM-OFFRZO7cAisE_fbUBE0Foe1Rv9i5iAoMsPTspRh1vlXE6YejruATDXqcibD_dfZsQJSlFDJpExaWiJECBnoNIn7KPqnSbdQQWbUwbLlFS9sLuAsDWsEwIdT4ARWgTaD2I90nGLEPL-yXx7XD91J_lv8M2JaQRjgH_Fxa9GTZsdVPj1kSIMiEYikYUY6ry4dPXp_hlg_uypKfJMENio-std17ibAU93_zSPZyhiOnw02fAf00FYYaza9XOEBKFhsFUAn-qbdMciV-zlApgHkbU4bjk1LaBit4gWeozGcqQCk14WyoDgw-JRv_K0o3pu4eRo13lgdMnLHmepqp1OcdRKUTYUKJyQ4QX48hZNQv22pJ--f4MqYB8XyH4umtFB8Ek2Z6wuHRU73zbVghA3iWK0pPoPRNkap7lWC4wkyOscGmS4FH6mQu-5o1KYCjuYE457VkvsvmowA5d0yRrFYo3009aXs56q3vX2HJxqFLaVAK6Jpa8PtfxGcBnK57Y3km26t7_vHrd9Zym-Qfv8s6QwyYSQMewyZUCytHYRn79pknes6TEAeP-rW1rExqIv58ev77MnZGxXcFGE4AnJ6Qw0Eyxzx-ebBLWuEQjVyRzfJsGLjtD6hL1FuEhCBako-MyMdRbwaJPorUsLoECEi9sYMFmOZ0pbmQTDRQ5Hq6s-jtz5EVl5_jMw13Wg7EKldE6riSfXva_9T2Or0_DelEYV_QWXESDXHazcBp1dr2-TsXq77tJgJdxQIVIoOPSrTayPrFKvjSXdTNe64YtfcvL7VRhv1qKhjtEptCh1coxuHNkUPYMftn116uheTFz0BdBuGp0SmjCyA2cVYYysFPp11qjbgR81xXRiQmTeWqu1LTaLD44LeDgsFsMiXcvxcg9NqVOl5rq1g6oH0SWvD7NwIdJoRfuopM7mM7HHnR56Ni-kq91g2jBombDbz_BZa2dIDJhNkxgKFuKgPYFFBwFYbAdZDML4rW2SMoFQg7EgWDDa6oCYWKwgHxNgAUSsSnGctqWtyvJey4u5EsX7E1XiELHj5DOFDywYOxytt0iZkQ_VCa1sw_bwhTtvYtSD_ycgv0fyTecKMqDIupV4TmqvOmj9wszwA&cid=CAQSTgDICaaNBZQXnmM_Wfave3NHroK20JJlF2D1uDaVvOwexvIfWf3BbY9vpJ9J3fBxIsAqf6vD7KtLQRGD7IFHb3bOOe0r6nWK6Tnx7-YLIBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bolatimes.com%2F&ds=l&xdt=1&iif=1&cor=10700197431386034000&adk=2228999115&idt=877&cac=0&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 07:12:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
69861
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 07:12:31 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 38C4 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 06:43:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
158011
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2024 06:43:21 GMT
truncated
/ Frame 38C4 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df8e9b7cc0c281f0b4db04a629f6c9f6e910ac2cf785880184403cf25d3c4abc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame DED0 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
160969
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 05:54:03 GMT
expires
Thu, 14 Nov 2024 05:54:03 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 38C4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuW9gaJVuaZ4_qAkYAQPJt9rSyXXd5iVzK2tKdarZz2g7tSifsRb6VuCT97MXMTlle0VCPVGqqP_mB2-0uLbr3i8tDtGJV3pt7SRelTfiW8eYeYMlWRRziWA1wQx0qr7BhI4PlQP-10hVQycLIWrgJaHFXBCpWBYVBnRJz1CUieVnGoR4SBFcHaLBO8Pcqbg9EX1bCLbZoNHUmL0t6v8C5dfsHTctgJ2P7DnqWi_YMZ9NWtKRxV8ZrUCQTz3Y3TxLdIyS1l8TOnAHljkpEB2fDi0hjWXl0oWvjYveYoCeA7uMUDRZ10UzyPJ36wkKMHRqUuT-hfIiCOA8bMnERHBO6S1q1ZPblaTs33_47waIH29BKJuzPzeHzRG87ILwNGpOmsonLHkUlpna7SLqWNk1ObuzZU_LX5ezI9DzkLfelxpaKfWqVrVzQgiwRx73g933Sxm98aMRI_jJDaHQyRep5qQ92W8Tg8K62a-lsIVoFhbh_U1VoSUbbgnezsJMmepVP5lM8uEaozvRoAMk_Apg2qb0gKqF-JSiJmP4s-9bNfQLmaQRuWcsFq34e1FlA0XTfcR03TTMza0wUmFS_bfKtdIQehYL4_DwIn0nWzmPD6j-cThyCVto72qQ2YZEHAwjSy_mGyZXJxOYX8X7LoyeVzZQQl5CFcifmyurkQnJ2mADvU1gNfly3SY_IixqxnE2jRCczK1T4oyENMbtNxzq_n5B40YaxhJaQaBSGVMrJ4gkHrHYWOgPRG09y4OLmkCm37Kh6yWN53l5XDXHBQVjAvdoxNIR6krPl-qAVVEwH7ZZtq5cyHrnRXnuWipC5E54zIgdy1qq3XY2Mif5W3EMwZP09UsvNg_9m2ErR9Tr0OAjbq58e3Kn7vTZ3iQlkMkwKdgblCq4PzoDZ7eWDsSGL41aIQJIBbgUPr4WD376Pu-ty_mNbZCJ9W3og1S779i97rhktrVLoySlvxV0u0aUaM9UQjtTgEwVozoBwQsNxPMBvSfMx82g3bdOpNFLB2pzgfLtK48f3EAsr_702BbgQIm1GV6eU0L0s77TmR0ixV9QS2iT47yebRnb5oFzW6oxlJhIOFzfGiMRxS6BKEsLxMnI5v5E54ENAcDrsmiay8hw7sh0-Rni7zUcyWKxTzU61oIsp2PcGXrNI1U91FXd9_z_HZGn84-T9ynfy7FeRHYEhITQfpue9qiscL3oLp5HKEDrcTArUcK-2FAZBRQwN03YNG91XyotQWVFGgs0BlkExXbNgYMh5UdFDS7HfKt0bX-hhzCBZCEpL5xUT9zCG5uJGYPlNoTDlpflP4JVjFMpcErXG5ezkMWBbnL_IaQbTWj5UcCKUYlLfnBHQp7QzJEYtXS_VDSacFiqpBkeMInjOppFeqcTHc3BoaxLis8-ax1JayCvlugEWnvJ4IrPK-wB2Z-tSfveJrW2gZiiWqJ47aoLy6zH9wmLJuO3pefu9KG7-LYpvb9EpoyWxfxLWTaLNMwjOLu1vf4_D9F-uB35ZStkUHOjSPlWaL4GfCcXU&sai=AMfl-YRdhlmGGLdVJ5_s3rKvwCOwtM1REaR-DolQsDDkOEt-ldkBysCUsa5hxOj5wmdYbpd3FUKSZtJudZqC6EN8SFpzvn0rL6orMcY5G7TwrP4fqYxZsQ9nB-3PwVDlMRePWAix019mEyqDdYlV2g_hdYEwJ5bx6sWtRsOyOCnANhf7Wn2DRRGe-KhcePtHSQQMK4P0sMYtx8YAkYkDJRm7N6ikxXIxhuNVFRwn2WaX6A91kc84reOJn5NEr1EmWRfPow-gLNRprB8_qPP_WSr5PVPd9K-RCnfJkDQM1koyZ7MUSFcHcGLcpyfuwCEppZQH&sig=Cg0ArKJSzJsuA3o7UtAKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=235&cbvp=1&cisv=r20231109.94608&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 17 Nov 2023 02:36:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
1779659463908322069
s0.2mdn.net/simgad/ Frame 38C4 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1779659463908322069
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
50c9d537facc7cfd32bac0a6b6e9639cce12dfe471197a78bd5f3b85b9ddf2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 21:43:20 GMT
x-content-type-options
nosniff
age
17612
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30398
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 13:47:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Nov 2024 21:43:20 GMT
collect
r.clarity.ms/ 		0
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.16/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bolatimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bolatimes.com
Date
Fri, 17 Nov 2023 02:36:53 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
gen_204
pagead2.googlesyndication.com/pagead/ Frame 168C 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bx44vwdFWZbv7N5OR9fwPrt-aoA8AAAAAOAHgBAI&bg=!zc6lzoHNAAZxrfrxUa07ADQBe5WfOELateZNy617kcN89yeigSo9U0CI2M4KKfNmmdZP-MUZR6yzNuykrfwvDPwa09vnAgAAAfpSAAAABGgBB5kDA8ITTrvWtHPDG19XMqjkzTx7O2W30-L_40a6yKXIiTbxXXfbhA2_wOpQUJt__rK_KijGEuMRzcusuGJQV_dVCPM0Fniv9gYdP_hrui3sKntXGAsas0UermAkD_JSek_bm49Z-TUDyH7Aeg4JzpTVG5jb2V_fln40vXukl4c_2CbwNx3OQUjaAIBiIBghlv2BsgPP5jCtlGUi7DciD1qZC-kA0uYEJ47hz4-EGHNmX2AtEutGHdlv6TvyRsq2O975ofsanGVcDJGJLFb3L9K_JKBSzjtZvAxAqSbSFbfDkUM9bpnO2wgs2oHhjkcAmQ0Tg3AdtdMQ6JgS4ykKRzAc-cvAmL5LFGG9QFggw1e0dpiPxRY-KI5ktYof1Oqz0aSBV4FQNcD0e7E0iknsq1dY-WGYg9ZitEb6SCyi4--5t0pOvlX5ZYqYImNl_KEH_j_1YT61fStzEE7bWgZ-5pYXMmEiyvzbLsmN-14A5YhA8MmRjXNcvTEGodWlZZHIHx1Chil5i8yb1Dx71_Nc1zrOMZEALBBqDRlj_xSxlyYz7w5raSZ661Wb-penhoVhq53Yk48FoINdnW9NNqCkWLM4wr1MAHaPyz--OfJMNj1kVz28nHwoa6iRs0F5fmP16In4dXYdEU98b2LDhfMVpBb0LV34WmJhwwdM4XfTkuFLExl_SBnOYCmDLnK1KSnOl4QOCRZy7f_3j-RHRsyPg9I22krom88Y8BbrL4938NTZpCS2N1soIEs7xR_u9sLRy6SmE-mxKp6NpioC7ZSOVTQkKnSqdhJ2GCsuhAWEq7vWyp1uN9UDAKM29RC5T3VoXKUKXwsbUVOtnw9mzzp6_eZpf1J0q8mcRUBtyUXhcd_HLP-_QjVGaZfmInBkO57nAAwGdQf4EgUVCPrOLWU-aDanhRunVmxfuv7EQODhK7vjBbK-kwXlQxkWhwGyLyzzl2TGMu_EMbwCo5I-szUqEPfZG-RZMq87Fjw03CIIDw4Bo2M1CNcgBScddnmOLf1KXEmJSke1IQ
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 953E 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BdOogwdFWZbn7N5OR9fwPrt-aoA8AAAAAOAHgBAI&bg=!NjWlNXrNAAZxrfrxUa07ADQBe5WfOJtJMrBYayTtOKbDeBs1JhxS3hxBdgK2qiZV3QnEFQxahnmmoHf6lIMjYSH4UC6vAgAAAi1SAAAAA2gBBwoAjgJpKmMkVhJ2WV-KxZ4H7SFl5mDLyAnGuomH9QBahimVoGeNtYKUCJclxogWwnyMCVaqr_AiqxlrjtXS_GNY0l5uZ1N6OykY5StF4NnKMI46V465lLkM51YIKkaMRbLgxPyacZjYIHCbp1mmTqSCHCABvzhJaTeQKO-AITjUFDuvKwnWDm0l9ktSAgYniDiZAwCLSVKanPo-U3Ni64jDizqOR53Lw6AswkQlLfeS0G40TBFTGmWq9oW402aQce4RGfYw2ZrmxrgPZr_WRKJ_Sat4KNqna5OLw6WDlGTaoy3BFVMzPGySVgP9qqy_jvtsAZDrYfuuymGgRSegNjgw9lgI11uFL9W3V8qKl1dWSDGtP1cIf1VT2cUx60Zh-G2QCx6nhftBLG2d2tIfuYIy2zQ8el1A9PnC7aDTVvTaGV84vxjMFDL_D1Hh971wj_6qtPOhILFCKNtb5aCWx8OaHZUM-QcEr2TW8YQ-MWMwkmLL9wUu6B6rk5VAOeSWLFTuBJ_sEUiMKPQ9-4SwEVgzXYI50TF1e_I5jTOUqT2lDqChYosoPV9JJSVIYHOyVfm-dOSCWYrgH05kYmucyjVyNx-jP2YQVesbvLFqUDo3CvyvBpj4IW1tWGuizYQSPalG8loSEIG-WLuqsl3kV2lVDsKpuISTJxEHoixAB6SlxbW6xc46l-xFKIpyARYKc9v057AroZe0on9F-ZPePhen1KMAYvt-WLSd7TPnubtfmo3UGbsxcJxKHkmlcdvS1vK-bpcyPiGWVwKHly4Hl3IZGJCjCzEerLcM3CcJXX8GVjOj3D3j3Qht1jKC3OKCWtTwNj0c213lVZOjPAk8tLQ0DuAw9okU_vKcbGzmXw3NeYCAkrYGdsg1QChQqZJTFJ32JLZPgfiVmpE8ABS6M91hDvIuN8plBDSf9b1FSsqQD2yejClF35ObTYCPlpBcpPfUAM_RvkU6aRLr0dKTvwX21GE0v6CK_kPx-AM29ABx17yP4uZC1hUmEYpXBm1NS5Wv3mcYmiCWC0FZDtCfmi2fzLtoaKDEBnSH8nQYQKbQRg-rM1NGnLLn1tB3lrVs6mmh0_IevP-00dZgzB_dezkKWBJ-1U3y2_M45HqaJA4t8iNx_gL0UgZOhjnmimY9hpUaDrbVs4dAA8dvbSXgdCIw93WzEBxvLwJCENRQoQbhJkQEUx-qgswCju8czrbJc8QswJY
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
creative__300x600_previous_gen_widget.css
widgets.outbrain.com/n2d/widget/100063/customCss/LEGACY/ Frame EAC4 		482 B
810 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/100063/customCss/LEGACY/creative__300x600_previous_gen_widget.css
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.1.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-119.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a7d95017fa2379a4bf437aff9c95977004ffa0f3f4ab9544a685afa3120a0e6b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 17 Nov 2023 06:36:52 GMT
date
Fri, 17 Nov 2023 02:36:52 GMT
last-modified
Tue, 22 Aug 2023 10:30:49 GMT
server
AkamaiNetStorage
etag
"9d8b870db69e4f578fee693ff233fc33:1692700772.366871"
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
482
access-control-request-headers
X-OB-STG,X-OB-PRD
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame EAC4 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.1.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-1-119.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Sun, 17 Dec 2023 02:36:52 GMT
date
Fri, 17 Nov 2023 02:36:52 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
writeStatistics
stas.outbrain.com/Stas/api/ Frame EAC4 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stas.outbrain.com/Stas/api/writeStatistics?p=JIZd2rBeZ6_EBRcAzKtPVtpvGuB7vfN8tRe-yFCxD_bJOTTYys5xw3dFatZ_A3NwMSAtSjcROz1_4LsyJUQ4BJQX0MfjLrdIyRu4c0cPgRvo-_2No5EbarzbfmqF9edz6sZ_YgrcBvyDJebZr-lIQbv0py5u5m3JctSpHSwaATmTX0FPCDBokiyG5HBq2RVdSrKuMSf5pJ7XwV3r8dvWMLwIwbvbIQqXE7OQ6LWCfMtrRfoH0oPv62YEC5gMIWKBCCmr6ksYBMMgbNST-ZwM9ir6qJ8wF7mqtrlYmbsic788FHqRakmh12aX8hAAbDg48_4tCmijTJLRK89ZtjMezlZuG7WWlzj1_5f5XpT91B2RmRyryc7RawkJ9pYuRhRAkSsGxD1RfoDdbiajWbLx5yLGkeUY_ksNJf8FaK3yrT7o33X6PNlkxgLwhfFCNvJPAJzAVeTz3LFKiSC5D0kfFavqhJfIxIzj7xqrmvrWZSUxVNn_n6coapz8SVAlVgB_a8EXDrMGu0DbopG_6X5HG3M-ySVxE81ev4jTNd-zW-4oewMDowjesYqgPwz_Bx3VLKZiXbk3-a2_DebOXzeaRGFuqqyWqntW0Cq0mQ0HmUBZ13itweeq7M1Qn8euSzVeYUlXOM54Yf-OryHv_Erigo_AceKe9C9ZVVd46FHULa7hO7FSHpHuCr0I0koT9vjDA7wbAF9h4hyB0PNCyCriqg&c=a0220528&v=3&deb=10018068
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.31 Sacramento, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 02:36:53 GMT
Cache-Control
no-cache
content-encoding
br
Connection
close
X-TraceId
4a4c8ca1dce03c166f9f4d552d00125a
Content-Length
49
Content-Type
image/gif
/
b1t-sindc1.zemanta.com/t/imp/impression/7SPORXWUXOV6TMRAMIPBBOJBX6TBLKYQI2PYOOWPWTAWY67PRGFTHUZ7PVGPIBLIZPBYY3AVAB5NXN4JQM7SM2KNWNVJLP4L3UZBMEW46VAUMMGFODS6JEXFXYJESI2SIW4II2G4ZIH2KBAIX56NNXVTSZ6HO... Frame EAC4 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-sindc1.zemanta.com/t/imp/impression/7SPORXWUXOV6TMRAMIPBBOJBX6TBLKYQI2PYOOWPWTAWY67PRGFTHUZ7PVGPIBLIZPBYY3AVAB5NXN4JQM7SM2KNWNVJLP4L3UZBMEW46VAUMMGFODS6JEXFXYJESI2SIW4II2G4ZIH2KBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NKSHXYSMT6CCKPZ76P2BRAC5DB6IQZOYQ6UJO3SEYDIM32BLCWBQLCT23TG2A5VJW7SWCJNV3MLR2FAY7MIWX2NG5OFIV6J7ISTMHMJZV4MG3OS77U2NWMK2SPBNO7MRG4IGMAV7HHBN45EHOAJMPEHGSSFQWWIMAIPTOQHPBZ4HFQPMEGYUYF5BVKI7Q42HB3LWALFODYTHZZ/?
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.101.160 Jurong Town, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 02:36:52 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame C334 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BwZ7IwdFWZbz7N5OR9fwPrt-aoA8AAAAAOAHgBAI&bg=!p6SlpOvNAAZxrfrxUa07ADQBe5WfOCse10Ke3eZOKaMoyS8E3GkTSxxWuvUA-iksEqCei4C3Je1rUdm3XlKlq4fhi3gJAgAAAfdSAAAAA2gBB5kDBDDvIXW_9mVlYRmDHrUsIUK1rkk_KHCSCY0wJeq3w0Swtuva2rWGeCRN8D1nO-GBAxQ9zvE8_USrI3puD3R6Qqw2n0Ky3WuKhPwFgG9GfdmlLbRkQxWKsuI7tCgRPUqRWmJgYsMU0YozRETIBtX-YVOVN45PR29aGBz0E2qCVe7kvAo632EZnOJoyydbF1ZXv358KZj6JiSdvU0cnxj8chCqG3pCbx4FO-g3KUMVYpEC5xb0fXuBwhMsOXbj3ubROo6i2tGeYiTWPVqnXiWO8RVgtiHO_IQ8LWnxcirMgg3pkNY7L0eLaS9wAADhNUltYyCfb4DO_SkPe62tqrB_rfXmEsdxGdmT_zyL9boDL43hcKFVERN9h8Jf6BUg0pqfTHf73j9zKILoziphiT19vzKHxosgUJdSEl4uVAD0dbj835xyWicz7t2ub56p_IZNyEIHTAt7vCg1UJeljNalSdNjjHiXk_eeZgdEJ_tkNnnkeAoLHnMXnoq9TqDa-5CM-RgTpoyzKQxl8oRW6KJBLFrFRA9aOav1IWv5E-4bNhSLwrzvCNBngXTCTpMEz-QCrgzGVaUyPnGW-Bo1RbSrXEYQn_iF8XDCBMVgORENeMeXkHAIKa3Sqmxn8cuqPActrJx9jyFX_rIVNFyBy0I9C6dfvyP4IJs4aovMh35YpesZUz3gz7bm2KJszMt2hHjqS99YWdispW-2FHFCmxCEw63_9iAoH8lGqHDmaVumnj4XZsxH6dSChYEH474SRMgWfm2hLeKBPZJ9N_m-GAhKxVpfbLtiZjez72YvbjnkFrczUG7EVGj_Fu8eLPDEK-5dNCa7SJfnj6lAJDM7p-K4zSBIxI0XAd0ojg4rJbx3kzQD6Ov-AQPwyekrFpEbfPBxVtGpkN7Pw1RzzPNN0YW4Kj2YPWxdiWfbFsT3mceDXL3STof0Bc3XacNtzskoKdjiq8VYZ12xNQq-pzybWSONwE45FuGVimASlr49iorBIQyvxlNDAHaLqJK8nzgvgvI61JiWONE
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 94E8 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BK9rEwdFWZaz7N5OR9fwPrt-aoA8AAAAAOAHgBAI&bg=!WlmlWRbNAAZxrfrxUa07ADQBe5WfOPLzeSs60wxYwC38Nj-BX5zueq_Tp-o8tVbAar7Tc14CbDQgYthKo3OYj1hUWpz9AgAAAdFSAAAAA2gBB5kDABm1b3q2hGBmJyPkjj-hHAI8dav3vs0BsCGpCcAPPGCGsSpTqQl6S2mkhLYxXJC0ZdRm2X8tTCLZ94X5BtEOqrlm5Qjvnh1abaCe2fJn7FRDpjYlDSGf_g4NZaWepyNtyE02BikTchN2GPfZwXC4BYD22cRMcGd8LB7M3qWKZZFlZs_eraA4TDpK0Vt29t8Hg7svaH2g5XJim24q1c6_MkZ4TRPzWwK7TkOpUxfPWe4yMwPf8QliXZ5eSOe02j1WXlX4v_Mx9GvQBkVb95IzzQQQu-rXMzVExvm4ajT77gALr2Y2I8tO_vXXGDBQWDUaFR8fjRGnExMA1WsSReLGvlcD8Z_QO3LAvz8OmLxje_jLMFNWLsWhyD0D7q6K-41ZTnfgAgfh2jNn8m1zkg6FJMcW_ciD3XkCSOmNZle7jcNqtkvUEHCTCpgyrH4OoeWoXe3BUggWta9FQsg_wB0AopwDoY2HbQ1lHMvseqs98WuaPxxf_irzYFjO53wUfZdb6UO18_Ruly9wWK7sSRUjfQvd7zKEjai2kmco8xWo_VYyjwMzg-4dgErMhuqvFFcdvLImm_e0mnSByYay4bpgxou-zCHXJ3KMs50jSVLKuiNivRXRavS2V5W6XMxJPbnijTzFBG6TC6KzTgWVSF03re7cPTcU7PK7kaS42dSQ1WZXR0MvyQ4YdXlHM3mCEiLFdQ7vOigNXb217GkgUFC_0aNZUTXpCtF4Aog69hLFzGR0Pq4ZYBIseRIITESeaL7ndVnZZJx7BFXtu-Z4MRHnZLD2dJxzCZ_y_DmJULG-3Hv8ONbj5eMcBoVaBDJy9jhiigDZdZOLJTSfkIJngzQH329m-xJypPVySIQqVaqZ3nD5X1Ate9h6vSB05OHKW6dppMnDJMyercfCdFZm6CrAQdPmfAU31wj7qhXhOYg4CuWupQCp8_mK-Io0JBPlctEUClcGL8v9scBAGnfDwcj1Yue_6PFT0lHQPkfyUBT4MJbkLKgAUYL44EzVC6Ixhpq5Cg
Requested by
Host: 7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL: https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0B25
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=c4bad944-a401-7ddd-f8ed-9b52c65130c8&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=c4bad944-a401-7ddd-f8ed-9b52c65130c8&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=9c6d2cff-2cb8-4a99-ab65-fb92ad7d63c8&ttd_puid=c4bad944-a401-7ddd-f8ed-9b52c65130c8&gdpr=0&gdpr_consent=
43 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=9c6d2cff-2cb8-4a99-ab65-fb92ad7d63c8&ttd_puid=c4bad944-a401-7ddd-f8ed-9b52c65130c8&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=9c6d2cff-2cb8-4a99-ab65-fb92ad7d63c8&ttd_puid=c4bad944-a401-7ddd-f8ed-9b52c65130c8&gdpr=0&gdpr_consent=
date
Fri, 17 Nov 2023 02:36:52 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 0B25
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZVbRxMCo8YIAAGWIMaUAAAAA
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZVbRxMCo8YIAAGWIMaUAAAAA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Fri, 17 Nov 2023 02:36:52 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"39.109.224.42","key":"ZVbRxMCo8YIAAGWIMaUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40101"}
X-SO-Key
ZVbRxMCo8YIAAGWIMaUAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40101
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZVbRxMCo8YIAAGWIMaUAAAAA
Cache-Control
private
X-SO-HostName
a-ad40101.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
3
Content-Length
0
X-SO-LB-Hostname
m-tgng30.dc4p.scaleout.jp
X-SO-IP
39.109.224.42
sd
jp-u.openx.net/w/1.0/ Frame 0B25
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARqfFl_Mly07ks8AD7ImPUCEm88AAAGL2yNpGQ
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARqfFl_Mly07ks8AD7ImPUCEm88AAAGL2yNpGQ
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
via
1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARqfFl_Mly07ks8AD7ImPUCEm88AAAGL2yNpGQ
cache-control
no-cache
content-length
0
x-amz-cf-id
xT4b_IpyQncBtcNd2OCTbqYtpw1TDbkejSrQSDWbLf3O2w27wT3aUw==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0B25 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZThkNTBhOGUtNmQ3Ni0yMzc5LWVkMGQtYzFlYjBjYjNmZWE4
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0B25
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFo3pIl_wVSbK68pY9qCHNA&google_cver=1
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFo3pIl_wVSbK68pY9qCHNA&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFo3pIl_wVSbK68pY9qCHNA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame DED0 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:07:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
156559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 07:07:33 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 9FB0 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13248889957521765018/index.html?e=69&leftOffset=0&topOffset=0&c=wqf3CJvcPn&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13248889957521765018/index.html?e=69&leftOffset=0&topOffset=0&c=wqf3CJvcPn&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 10:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58272
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 10:25:40 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 949D 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=wJ1CSJ6MIU&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=wJ1CSJ6MIU&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 10:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58272
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 10:25:40 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame A3AE 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=Oih8PdIIYT&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=Oih8PdIIYT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 10:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58272
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 10:25:40 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 8446 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9615721082864171147/index.html?e=69&leftOffset=0&topOffset=0&c=QrNF7Pkd6E&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9615721082864171147/index.html?e=69&leftOffset=0&topOffset=0&c=QrNF7Pkd6E&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 10:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58272
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 10:25:40 GMT
collect
r.clarity.ms/ 		0
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.16/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bolatimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bolatimes.com
Date
Fri, 17 Nov 2023 02:36:54 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
activeview
pagead2.googlesyndication.com/pcs/ Frame 3612 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-D17UKF1Tp-sLlvT8NgV96X7mrytTn_FATN-zpjGS_t6AxslSnrImxQ7zkch8HL830oa01fyHCltkmtkNxyIJClSq910tZVzqcMTYCml5vf0pXgv-4bGs5MVORiFDU6ZghDZ-DeD6ZA&sai=AMfl-YSyIBw7fQ6mRXdCIly81JGhYg346YGyMlEWBY-ZU_DBcQrIpcDj9aoiVhX-wv81Uix5fI6FDam-ZGPhxt6PDTd66HjWK3pKsOkq51Lv6MitF1tJ5Je7jTWXS1qrVlrrJu45iNm45gThr2LnmDfq&sig=Cg0ArKJSzLz-kIW6zmMfEAE&cid=CAQSTgDICaaNBZQXnmM_Wfave3NHroK20JJlF2D1uDaVvOwexvIfWf3BbY9vpJ9J3fBxIsAqf6vD7KtLQRGD7IFHb3bOOe0r6nWK6Tnx7-YLIBgB&id=lidar2&mcvt=1056&p=1110,436,1200,1164&mtos=1056,1056,1056,1056,1056&tos=1056,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4030129027&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700188610585&rpt=895&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1FF1 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoXGFbE1CGiji-QkCgAkb9RU1cyxe6M5N3RvBbtuNV92cZ2BBlUY0YWjFsAOpitr9ragG58XX1ICARr1ruzZeod2GtPpNrC5dlypehFoPG3i2dbdT0yz9-51bj7KZRxdXsrolD28EQLA&sai=AMfl-YRA1sE6dQRsUNUY_SHbvMRaBTIYA_nZJW9iiTV-GK7lc1LCNdicv7682vHE0tEd9mTtlHKrX2jFLHgXj9ojN88WuxUeW2nC3g0w7ip5ywxiINhoeFbwTLj_JE0Rakd9KHfkaS2_fQdQA-rQZkg6&sig=Cg0ArKJSzIdgzHMMghesEAE&cid=CAQSTgDICaaNBZQXnmM_Wfave3NHroK20JJlF2D1uDaVvOwexvIfWf3BbY9vpJ9J3fBxIsAqf6vD7KtLQRGD7IFHb3bOOe0r6nWK6Tnx7-YLIBgB&id=lidar2&mcvt=1018&p=365,985,615,1285&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1663327077&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700188610564&rpt=956&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame 9562 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssY9RiBF0SCKoDjHQno2nhWsX1ZKOKGfJN9LKDadHk_HqBXYtDVnZUV2_Zo5M7s1RPAkxNbcPbGeEOT6iUR2FZ0zigQlcFltCDZabl_Rh1UZcRIiGtXqZHWpsxFVCD0CKxULqerPWubcfL17i0zJZP35BdUpE78OpPxZ0eJzXsLLhx8noBle6z6yGg1CZuOZINDNGakVJOjBtWcmebDNy3ubXALXzXagbZyNpxjc-plm2Q_g869_Y9CbQLpkpgufuNLQvX4_ehlEfkzpHELucNSHMfFTEP1JrgrwJAACQ3LX0DTwckEqDlv78e-YK9e8X1xEFaQ8odaoLImprpfusYtLlJY50rEyHFWrfg-wLmrpxZiwRn-3fTPtf_ZgeJNlVs1ypw28HGHwUwsHuNdnci76HVOXbZF9uSp8SVUHm8nvvNZWHlC_Hq1cs1RARotT7Jtp-SFxXaGOF9zdoxJUQXZVynrYXdYFlYiTHlrPhsXu6zS9OsTng8HCFNyVcu7QiFTIKZQeE4a0fqTLoFLfJCfumqUGQ3tZwBb0fmesWa3TzkX-2QVzUJY0P-mq4qtihCsh-CADAerhvnnBCQUuroEyqj3FAN9GEwfHcmrTePwStD8Yio4tQkeX1Poe8XCubFandTF1ecmNsA08ydXuCM6NCb3K6m7O6CzaU8xoZCs4TzReqJDSYV_4JKk91IB43TFe7BRr5BYaQ4YA3aMVsEPiANXZNVQXI__9kZH1Sli5X5XlFk2Qev336pnqChglXaEtoEGWzBkUOuxIXFRbM2iO84KmpGr-1aH2j5qcHcQkdDlYX3uoK3V52KsZ6YFZYmdE8NCS5fPoV5qanHv6Cwik6MeHeY21baElvuj5TRFmEk9PZ85UsUqLvj2N21Y_jvfk3aDt3oANUSVOhOF1iUN1AvL-v74SCJLrpxQothRabSlee1mT6c5y_lrkWyJ6yWoJsK73qmVjCYohOiaaaFzwVAthSFG5BA5J5lyexx5hyrxmqfWMKEw2Ytd7fMDFWyUoKVT3vydibgo8e_6FZ9hYhJS3HtX8u1K5ecoud1CEPj7WmuEUi0tjdQr6XZjB6AKvDiiKmTLt9XZ8MdOeI3Oc2dJG1m_Em_W7TfWIzkK-dEick-jOyg-6RAUoaI_nsqgmrLZXRd69r2Iq8N4TBwtmBz9UR5ZY8ks_VeO2hwGLkzVSl5HDBUEpeQ4nW1HXvDAj9O5D_yAqE-VI6yPAuN6HNi6XPU4eu_GA06yAx5ZCh22A-YTdmccef6LxdwK6rMtJ1Ac0pA00Fd_Fdrn-fUydyPeyaCKAom_8ANy1er0vE0AHUewHIb4pyNXRyhZfPPDzuUyXH_D14Y0h98Spjy_38FT4jrDt8SMQe6Ii36EfXJV-otKycDyHqciO2GgBy1Bz3rAhTUxSNMZSn6c8dNvr-S3ulLkmhXYFfI2MIfw5mqz7pFN2C5cBjVuPeAoLm6zkpnu74CZhU3RxtjeeG2K1ofS7A&sai=AMfl-YRprk5hkWTH8TVHl1rG0V0Eu4K-fei6uJW7XSNYsB0ogW9EeQl2yeQemUZ80_nmcKoaarGd7PFDDWUKV5StY0IY65zVuZLf0oJDoL0GcV9sWEh_IGwZ4wK0XLfsyxAEReIXC_S5O9iWlOGUsdaWTiPRV7ybkXpxjED7M-Sxdwpsm74Z98KmZZxaVXFoFSMJqnQO77sskafYQFUhTKyrWc7HQvJpKUM9eGs9BANgPm6HCj2ZtTshIPahlbHnzoXK-4UmXguNc11CHhtmChiJAdb85prGKpg6howjQ631dfPdNEGNu6X1OBK1aXJnUhvMaK51g2vXNE6KmEDTpD6rZ1TJMEOK-fIBLMR6l_MHJBJK-6vRH8wN9QHk3V5xRlxze13AS9Hc1MYG5wZG73w_JGtabdYBmqvsylsW7SqiCy9ptBGh2zTplu4IuDQZWZ9imv3jnMbqqzjNNYFwFbRRDx7ChkaTkwXEo-hgqQVCjNPEWmQtMLOphvVf4yMGG5HmeMCRngc&sig=Cg0ArKJSzGM7cVJb80JdEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yb3lhbGNhcmliYmVhbi5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1806&vt=11&dtpt=774&dett=3&cstd=1025&cisv=r20231109.24175&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 1FF1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvEZvpRV9O9K1N02oQshW1KzJiuCtZS-H5NAoO536HOcPL-JAzXWS2hPYMqw8YNnBK8BjMpdFjOixjiYkciftw0e8LxWj6gGky4Jfyaffflpz1GXdtD8r9xYK6INc_fF-RTBwtT8x_rnazG9m_X5GknMNMwalVZQvZGqd7JNwnH9PBeQqooWvleKeen_rc3fm2XvQ5tQoNk-OgcSrn4PORxl_U5ncBHriEghIRblfgT8AM5d2YXQPTlWQ-ZUmZYVSrBqnuVhWxEylx0RbPZ34PPDaTHvGw4nwxJWnpC_zr8wZUcsKwSJxfeoPrRSaLbfYJCDFvZEdsI0Zo6-sIFz9RzeBBXcOMpeLMBYazoWtTEsTdEYesutLQjpoJPKhehZO5ABVEkNgIjlc16DWUtUXctyYVK2xrQX8DvHGCUKb8Hf1THIc_hXDSUmX9pv19mvqiXitqkyB_EFdOnyGKu5A5GQNqlL-mvueTGdWXd_VY9hwmCKjWeIQWa4L4bIylVCCL41cNl5vyme2ZWjisjPcZIelBtCIM7vslAfVM8DyY86vufJ_0wrwrdDqLtKLPOuLlw11TOLzdCG0b_hCC5txQ4PjYfOSs1XIqNCwze-QihCyjHAVBtDfHNc1_ZprpaEwSWLM21Sw1KPzCj_bnTsolyiOOtk0y859jRPXn9mMXtzlD91BZ20lUjmwsN8czrSVAtmXmQqCVY-QVIVKP4vHyvgIxp9L-mNkWBNiiSav8_eXbktC1MYuz5x6wiwODYiu8VpN0HLONJiGAvaNH8MnsQFGyYre4-uCAArc1zo6ZTtODCTQ0VDVULjp0m_bwcNiqG3sgHwB0U4vFCQOBDKubFnDgdKHiJe4VLuWfDBGz1DUK4MfUJ651TgV0eFggVgORyt-jodR12-yVLaqoEhSrlq8uhEmzrWY6v4bFP3ec3LEEWTAyHReS1oRU9gd15RrPY15ynJS90SwJNPt54paUTScELn7AvqM5behTtxNfCLVWp83EMr0aDPvkhkHks6WGM7A6xhvjluLdIUQKVUmprQxBVGDs71sUi_jDQ1jqYQ-u6jwb59kNwaMkw4yBsj-33AP1FcQuInxz5Mi_bPLoTQTpFRRjrFTcl9INpxH-7q1Uvq09-hRspeYXWxxGrPDckWgm6AtsgOKJF9do3exeTKIYxLJMTVBgmkIL02joqPFVYUgATLWHc8oSSyIX3U335PvVjbSbaVk49iuQL0htGi8SAJaSaGJDQzWfFwQA4yVZcp3wYmBP_Dtkfg0FHj1fflx4HW58pmEZ7X4cYHvM_-j-R1veMyRDJ_TmSYpQtnHnNiuGTb6yL2R8ZNxAMIQRzJPoSKGeg0Sbtu0V8huW05BzcsLBNRRDDAK1gzV_jicJ1Vn3saa4s7MkkqIiY8fL1iU1Pj71Kq4OGxGcJq0hkpXZj-h3lUsjSgB4B5xw7yGWy5JVpNEydRWU6w8CWeeO8FIZeNd5BcB3a06PCO3NsTxF6zQ&sai=AMfl-YTRrcagcA3aQlJJPm04MyAjap9NJUOxb0JlOoT3yH28pr8iuK_UFzTf3DbJSGAV5-kwkA7OYE3-zijnEvgkpcgPjMWkfYlvV17It5k0dHvIbf0OeTsYAyu5KalNkoWJJluu29NYbCWsPjKE6Idg7-UwFWdtacaMaEjWXg3wOZIqsmA7MQM655rPSDrRRWlECmHp9z-ar3MDAF8FjkdhrNlhMYfTg-kb35OQx3HAUKBWq-601InhsT5ngxH2RYAVFJoQxDWnSa1coAfWrQKLwCLbeIcEC4KjXMHeCsXg4D5YZIPnvzky9Znix5CPMM-1YTjsXQs1urteZKM6PVyNrS3y7FXghFLdjg6fseKZqPd_hT3vnQjR2W8KHCY3pvb2PajBgb-uKO_AZpXHKL5LvbQ6KMDTwjPymktr0wY7-Ce41ldwTeg5fBk4j1d1xGkDwI3o9tGDjMw7474lUvF4wFUnRHMwjMQCNl8DUjf8RjgNnL3Xo48aHY8pKppen7QxmwvTe4k&sig=Cg0ArKJSzM65J5JSAPm3EAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yb3lhbGNhcmliYmVhbi5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1858&vt=11&dtpt=906&dett=3&cstd=941&cisv=r20231109.17966&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame ED6D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsv-hbglb489K9JtdjW5vJobFV0lr5H8ASPDCA6P5j31Cb4UpaT43NwSn3oF7hpf_hsMElUbFkFwT3q4CMVvkyBlkTLgSti-87Y18cvFb9g0Royrlbxz4BCYNs9wW3oyOAm9ABq7tz5rCaXm70GY2CryGbzTh27usjUI9kuSybVPM4WZXfnqkXSQi4vYts4fB8F5hhqKa69x0DwJDb1VNztWSFsBFJCHTr-d4R5kJOXLtuAmcloGk2saNxIsnKPoOiv5ltV3Q6KKpaa4OpRvnfltuv0YNs8WEJDZkva0Llqvd_KQmxAwLEPS51F5yr4S4P491UaJBDfsZ2KM5mQs-sMEKT3P5VOUqce_Xhfg-9bmkeRs4TQ75binELyj1SEF2Of6X4PTuYD_4_ow6euyRm7nk_ZkGIKvtmsi-qNIimTjCwPmlzpXcwqiMFlkNiu4nwOR2mxZkxsKTcO8O8S24GDa9Wb0lDpli7BCLlF7-S-pdhTukR2J6_PbQ_mmVpgYji7nE4J1JhVk-wYVPQeQzADlfLkS572xe-iJ6iqdAMfgIxI_VWDAxzttUWrcuwsASRMvPdqX9t5JY6p1Gygov9_-h4hiXTqx_hxFYMD8dQ_Siv7ygMrT0dFOx_1A-MXXMMyL5kSpWUbX1pRjjLcaGt4Y9JfOMdJ6EomE93RlBjtoO-vfsKDX7lQwH68z0tMyYdw9Iz7MBIln9HQbFT7G5OqHEwUKMsL5E_iNDZINiAV9cmj-c7MUMEZVIxitjnDW7TlMl_fmRUeMkMHNZO0aP3SCWYkcdEcNFac2tret441mjMjhiphAmoa1b5AKaP0RBZicY7crjyM3XijPb24OoRKusdmBVzUUraUHrvsS-U4kPEq_gUmxNzjjr5LjHSqDnXUJ0pCuuewaX7ofq0Itq8sSRaDSXJoV_AOvY7TVKFflJrmmDjeXAzvrVjPmNlwGdB9NzGJvnZTXGgCGYhlorK7viClbCxXE-LZUNjZqsNGrgTaB8IRCZvJpoJcUqEvQu6K6kRWQ87AxfKzyGodY2K8Jllo5UsBUg9xzbXLOTcXTkzOTMvAPjFMkhdDQRdRcqAp6s82eLK0lI3pQx8QSsU9eoSfESFWLRRxSsn6Tg9J4YcFzHjVYKbzcAobl7eUoNM6TLNq2k46gbcKg789BGb4sRdjppSjMikIAtRxIIulpDd9jGnKrnt90kKeQuaiKvFn7ti_kDiKCyC0624u9LV2weczKFdTdWYNhqvvxUXbyQtESH9x6IwrphQtNWpslHK6DcVGCGQsKAZb0FjJdZ4krLx_7f-UeUwiS6l487n14cpHiA9HKwNYFnoofDcd0wUGujrsyhlEUTLxh9Nx9tUQrNf9OnANCZer2JCGX1z69WdQx3GLYfW92eEzaFepDUV_4JyQhRUH6eaM5y_wUfglNX2FHMjYw5ZVjJqHDuD8HDOVRM5OBkxvtpkJ3z8JEAfkrLJHUQ3JN8pW1mXJzH_zZUyhx1A&sai=AMfl-YRCbnesKvFai7QKSHL_fPBYLgiKCF71SMryrjmrzJ-6FwF7_Jkd4Y6Gpw0feRhwg67oXSZF1IPOctIPw_Bq7Y2s7MU2PkkxzyGtdE0_ia3JGJT8T_lh6vVi6vfSpdWUIOaW9G3kJIg1WAXgBy-xB2Xipo_Wm-4bywpurHWA1qgGdnXcrF5vPhHjbi3Ox58mEfZK4CtyzXhWnfUkW_h39ow3cSGkzIJf6gH3f6poytxLSBT6un7W3HbMxMU0VDaO42fHpCxx-nGzC4vdNEvsdRJ-ITbcJV3z729OGbWbICeoIAycsrtE-ngsC6Gy4QZ-o44VAYGA8agE_lKFcECQS7wzF7lzRilhFYGMZB5Ilst_x42oS8Wa_mcehttlTeafFeVxCOSAgtoC_hOzPAZNuUasRS2tbTrYrandMJcY_ldGQrW6gotnUUqfGENEzFxLeVPfeK0VMsdvfOmhF6tfTlXJNE0-zyyv1e14Ryrn2BpNa9nsVA9l5dbj354A-j2W18a7Cow&sig=Cg0ArKJSzHho8rYGfZoSEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yb3lhbGNhcmliYmVhbi5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1813&vt=11&dtpt=782&dett=3&cstd=1024&cisv=r20231109.44786&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 38C4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuW9gaJVuaZ4_qAkYAQPJt9rSyXXd5iVzK2tKdarZz2g7tSifsRb6VuCT97MXMTlle0VCPVGqqP_mB2-0uLbr3i8tDtGJV3pt7SRelTfiW8eYeYMlWRRziWA1wQx0qr7BhI4PlQP-10hVQycLIWrgJaHFXBCpWBYVBnRJz1CUieVnGoR4SBFcHaLBO8Pcqbg9EX1bCLbZoNHUmL0t6v8C5dfsHTctgJ2P7DnqWi_YMZ9NWtKRxV8ZrUCQTz3Y3TxLdIyS1l8TOnAHljkpEB2fDi0hjWXl0oWvjYveYoCeA7uMUDRZ10UzyPJ36wkKMHRqUuT-hfIiCOA8bMnERHBO6S1q1ZPblaTs33_47waIH29BKJuzPzeHzRG87ILwNGpOmsonLHkUlpna7SLqWNk1ObuzZU_LX5ezI9DzkLfelxpaKfWqVrVzQgiwRx73g933Sxm98aMRI_jJDaHQyRep5qQ92W8Tg8K62a-lsIVoFhbh_U1VoSUbbgnezsJMmepVP5lM8uEaozvRoAMk_Apg2qb0gKqF-JSiJmP4s-9bNfQLmaQRuWcsFq34e1FlA0XTfcR03TTMza0wUmFS_bfKtdIQehYL4_DwIn0nWzmPD6j-cThyCVto72qQ2YZEHAwjSy_mGyZXJxOYX8X7LoyeVzZQQl5CFcifmyurkQnJ2mADvU1gNfly3SY_IixqxnE2jRCczK1T4oyENMbtNxzq_n5B40YaxhJaQaBSGVMrJ4gkHrHYWOgPRG09y4OLmkCm37Kh6yWN53l5XDXHBQVjAvdoxNIR6krPl-qAVVEwH7ZZtq5cyHrnRXnuWipC5E54zIgdy1qq3XY2Mif5W3EMwZP09UsvNg_9m2ErR9Tr0OAjbq58e3Kn7vTZ3iQlkMkwKdgblCq4PzoDZ7eWDsSGL41aIQJIBbgUPr4WD376Pu-ty_mNbZCJ9W3og1S779i97rhktrVLoySlvxV0u0aUaM9UQjtTgEwVozoBwQsNxPMBvSfMx82g3bdOpNFLB2pzgfLtK48f3EAsr_702BbgQIm1GV6eU0L0s77TmR0ixV9QS2iT47yebRnb5oFzW6oxlJhIOFzfGiMRxS6BKEsLxMnI5v5E54ENAcDrsmiay8hw7sh0-Rni7zUcyWKxTzU61oIsp2PcGXrNI1U91FXd9_z_HZGn84-T9ynfy7FeRHYEhITQfpue9qiscL3oLp5HKEDrcTArUcK-2FAZBRQwN03YNG91XyotQWVFGgs0BlkExXbNgYMh5UdFDS7HfKt0bX-hhzCBZCEpL5xUT9zCG5uJGYPlNoTDlpflP4JVjFMpcErXG5ezkMWBbnL_IaQbTWj5UcCKUYlLfnBHQp7QzJEYtXS_VDSacFiqpBkeMInjOppFeqcTHc3BoaxLis8-ax1JayCvlugEWnvJ4IrPK-wB2Z-tSfveJrW2gZiiWqJ47aoLy6zH9wmLJuO3pefu9KG7-LYpvb9EpoyWxfxLWTaLNMwjOLu1vf4_D9F-uB35ZStkUHOjSPlWaL4GfCcXU&sai=AMfl-YRdhlmGGLdVJ5_s3rKvwCOwtM1REaR-DolQsDDkOEt-ldkBysCUsa5hxOj5wmdYbpd3FUKSZtJudZqC6EN8SFpzvn0rL6orMcY5G7TwrP4fqYxZsQ9nB-3PwVDlMRePWAix019mEyqDdYlV2g_hdYEwJ5bx6sWtRsOyOCnANhf7Wn2DRRGe-KhcePtHSQQMK4P0sMYtx8YAkYkDJRm7N6ikxXIxhuNVFRwn2WaX6A91kc84reOJn5NEr1EmWRfPow-gLNRprB8_qPP_WSr5PVPd9K-RCnfJkDQM1koyZ7MUSFcHcGLcpyfuwCEppZQH&sig=Cg0ArKJSzJsuA3o7UtAKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=696&vt=11&dtpt=461&dett=3&cstd=686&cisv=r20231109.94608&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
SG_Oil_Price-1-Singapore-970x250-638333200396802132-8d6f58ae-9447-4aca-bf13-ad5da8eb240a.html
s0.2mdn.net/sadbundle/16031603795926450176/ Frame 8139 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16031603795926450176/SG_Oil_Price-1-Singapore-970x250-638333200396802132-8d6f58ae-9447-4aca-bf13-ad5da8eb240a.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
dc40939b257bc9a3e42e8925c0544b14e2460008ad25a195938afdaa34ee9900
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
20075
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1856
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 21:02:17 GMT
expires
Fri, 15 Nov 2024 21:02:17 GMT
last-modified
Thu, 19 Oct 2023 13:47:27 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 949D 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
7f0366375eb32d24989936bd0c17c6ae1a89d43eda432ac9a7f99459fc7d9266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5967
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 3612 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvoITHqRzz-e-W7l2AiQhSzKtebUezbLZLk4y1KBqDr-xN3EHgNxn96JImh3fBsvAbf6A7Hb2o6EwtbQRDMOVdWQEiGWl64I2poSL_I73K1xgVwdo2k8yxGfg93nVKMutjdOOaWTtSJGgXMUivqnGBlrvHUdBib45C_oKYsNitkWShPqYC7kQG479eyJkyW_e3M0g6uFW6ehnbpoHpwQOuXETEN67eo7JDrOeGMZIqgT_y4XEOQUGgGp01G_tauJGCpkRImm-AopgazDXDhVBN-ynBrHDKFNjgMgvZNIz6wWJ4YvjCFUZsTTUX0Mm7dmuCkfghB-yfjSo9D-MyXR7LtrMAvWbvDverFuI5xZ0r6t9i55woNF5a_WSe2maqhvh4sdoT9WG8ZtcYZH_esTQno39CH035Iuw0zMmfp-myHORPsh0FR3n-TQrShRDJe-WW1wamcGtkrN9gnnefbRp0O0ykfefR5kVcPzm2_Dxp3ZK7qvnQmzXaDtmeTeTbPezn5o1RNpmZd1S7yR7-upIkgp0XK4JnmkSLqnBiZDlWNziOosJNB5NcLZGgK6sPixh0L9xKeFmrbL57WRbbu1L8qav9HFLE-4Rw2K0i_UjQpC2RGZK3E-KxahvAupl9MI1IQ33ZjkIsSBYQLbAUqPFouBkPZiRF8_LqXe9cNc3eA5efeQVfqOzaEznJJ3nER74f01KSQMt8s24TA_0gRs_LQAMbq8RRIRXVxmdzOSPy7rXVbzTuyhfCr1JlNsmLqbILjpcRD1l4J6JHFdfP2bhPJOyTYbScOwDcuoQUJ7ItlQo6mbTPh4mPlQWW8rIe6DmHrNQyMxLQGlcgtFB8salaElkRPuFFvzPHlTvZBvkXFGCMVF8ewovc9Ub-ehI_d8rlVX3-_I13s6PTfbhgaGW3r8jCf2-h4MTimJBCphvQH8MI9-IAyh688T4YfGQ0hxZeyoWZIkTSSCrTPrlvpkAYjoqk9KIwpmEiNGUw4HzER-34TNJX-8PLwq-X_oPwzzF5iL3LM9KEPJz2mYbZElEMTWkNTxmKpNeGJYduYKdPYIrFxIE3YO3rVxgLn2llYgUUYa5MWkJjTHMjjUt-Cem2ghLwegMKD102a4VMj5oHCBfpcHj1d1lk_Fa7TMv528KH-syT_xni_O2VcwnQ5q7L3piioPSJcX7Ne0g1WMIxeFLWBUamY0tYM1xlcayPe4aKCO7ccJwlGIkrFyVD2AZMziLtA2RZqVFNRmVReuNA8n_uZWnRpE7_4rujoQPL7QlufHPzaoI3ISUE6Hh63Cv_YLnMlihHyRuhUQ7aWbcE9ouFACY6QhnT-XAbWFgav79mtvPtlZNOxkON0tMzIqxygi_DnrNmz-OuW2Qn5tuijO3IYe0_tNzGQiQHybZlI3EQSCNQsxrAdketwTOGevoaTApVEXAmBpom2_XQWPndw57lmUNPssGVkH5lS9-_wwtZlxUVFFCgqoGfT89sfqcX4TTHy&sai=AMfl-YQ5ztFHvJJI9nCyIZU18FpE1IRDkziMX9QSj1MmXGlpng14QNrqQnQYCehKB2ppv6SyrXu1QM91XzSJGdNXQpJwrMvYjGRBoliyWREUMeL5gHMoNiXaEiI6F3V9CziPt_h49qykZtSrlXxWiSIUTGlAl7_j0UvYDXKwaJ56Jk5zLmuEMuYvz25seOjXmV8Qp8gM15dnddxoU5FcUYzcEUvUQ6lkmsaa6-e1F-A1UZbsJvIuwwrndFzMr1sklqgldLwmsVzVIamUYqRhoIc-s1tINz7yMjE0-MTDRWJaM_gDipH_1Ky6JVoo4Q7GMxhv7f4uL6xLXBqfOYunAsGSEvBMp3eVwTeZkBVOF6UVXHIeGqdKZmptuFNUrAaO-R7gxyqbEh4oiG8FcfCqpT3_2ZqqyTTEtaXi2dCeEI4skpz34cGvIr7sxRHPxA8Pu0T8-xIg_bVtYxuY-4hNos8W7D9PXdvUyBN43GVN2aQZfSfuMWeRRQ_GhUC9Kw1CyimC-C2pTKY&sig=Cg0ArKJSzGGIhe5HKycIEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yb3lhbGNhcmliYmVhbi5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1914&vt=11&dtpt=883&dett=3&cstd=1023&cisv=r20231109.45744&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9FB0 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
b2140136b06fab3d72cf567ffd152b0d282a95ac5d1524be8caedb5d2d8afba6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5960
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame A3AE 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
551c5f1015e32f444027f1b0e0fbf8cd348593a5a00fe74ec59dab9dc5ce3d55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6006
x-xss-protection
0
RCI_160x600_border.png
s0.2mdn.net/sadbundle/13265726895353787564/ Frame 949D 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13265726895353787564/RCI_160x600_border.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
cbf2a9054cab9fe08902b75da962ec0be18a1dd00b92b247383060b612faf6de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=wJ1CSJ6MIU&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:37 GMT
x-content-type-options
nosniff
age
5775
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20412
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:15:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:37 GMT
RCI_160x600_3.png
s0.2mdn.net/sadbundle/13265726895353787564/ Frame 949D 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13265726895353787564/RCI_160x600_3.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
a1e514ace313ba09ad624c686083be7ef29ef76c2d6c71ed73c00c132a546349
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=wJ1CSJ6MIU&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:37 GMT
x-content-type-options
nosniff
age
5775
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14275
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:15:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:37 GMT
RCI_160x600_2.png
s0.2mdn.net/sadbundle/13265726895353787564/ Frame 949D 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13265726895353787564/RCI_160x600_2.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
782d79cd583e2ace22643b00d177e9c1a2e0d87a497fdc758ac6715d529d34b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=wJ1CSJ6MIU&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:37 GMT
x-content-type-options
nosniff
age
5775
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18228
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:15:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:37 GMT
RCI_160x600_1.png
s0.2mdn.net/sadbundle/13265726895353787564/ Frame 949D 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13265726895353787564/RCI_160x600_1.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
60e07109ca0338dcae39f8d49c17b3b234dc81fb534ae3d6ab44060a52c2d4fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=wJ1CSJ6MIU&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:37 GMT
x-content-type-options
nosniff
age
5775
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39062
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:15:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:37 GMT
RCI_160x600_bkg.jpg
s0.2mdn.net/sadbundle/13265726895353787564/ Frame 949D 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13265726895353787564/RCI_160x600_bkg.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
1569edf4d640812bab5eb3a22e439cfd35f8b26c83c919f7a339dc471c2ee8b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=wJ1CSJ6MIU&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:37 GMT
x-content-type-options
nosniff
age
5775
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39215
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:15:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:37 GMT
RCI_160x600_bkup.jpg
s0.2mdn.net/sadbundle/13265726895353787564/ Frame 949D 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13265726895353787564/RCI_160x600_bkup.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
24fde836e50593b3f4e0edc1159d640f85fabd022520b7bba8c5a688b98e0232
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=wJ1CSJ6MIU&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:37 GMT
x-content-type-options
nosniff
age
5775
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32349
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:15:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:37 GMT
RCI_300x250_border.png
s0.2mdn.net/sadbundle/13248889957521765018/ Frame 9FB0 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13248889957521765018/RCI_300x250_border.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
05beed63a365eb8749fe8ed6f508ca967d2ee3a4c972d81d3276e0b16a3840c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13248889957521765018/index.html?e=69&leftOffset=0&topOffset=0&c=wqf3CJvcPn&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:04 GMT
x-content-type-options
nosniff
age
5808
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20794
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:15:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:04 GMT
RCI_300x250_3.png
s0.2mdn.net/sadbundle/13248889957521765018/ Frame 9FB0 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13248889957521765018/RCI_300x250_3.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
e03e11d5d3656e5123a258b05a3c755258d4f2892bca81d967122c3ee4bf7791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13248889957521765018/index.html?e=69&leftOffset=0&topOffset=0&c=wqf3CJvcPn&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:04 GMT
x-content-type-options
nosniff
age
5808
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10877
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:15:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:04 GMT
RCI_300x250_2.png
s0.2mdn.net/sadbundle/13248889957521765018/ Frame 9FB0 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13248889957521765018/RCI_300x250_2.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
9ab958f1c80eecf60523291d3b6e0bfccf7e26199fecb415e53221f2400aeb1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13248889957521765018/index.html?e=69&leftOffset=0&topOffset=0&c=wqf3CJvcPn&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:04 GMT
x-content-type-options
nosniff
age
5808
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13984
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:15:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:04 GMT
RCI_300x250_1.png
s0.2mdn.net/sadbundle/13248889957521765018/ Frame 9FB0 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13248889957521765018/RCI_300x250_1.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
88b42ffe380ad208f1d0b4f1b30f59477dbeab044feca8522be8671da2223dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13248889957521765018/index.html?e=69&leftOffset=0&topOffset=0&c=wqf3CJvcPn&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:04 GMT
x-content-type-options
nosniff
age
5808
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22922
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:15:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:04 GMT
RCI_300x250_bkg.jpg
s0.2mdn.net/sadbundle/13248889957521765018/ Frame 9FB0 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13248889957521765018/RCI_300x250_bkg.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
3f1d419798e0d1aadbf1454c16ee514d915714d3588e90f9da686d8574d4f287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13248889957521765018/index.html?e=69&leftOffset=0&topOffset=0&c=wqf3CJvcPn&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:04 GMT
x-content-type-options
nosniff
age
5808
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31866
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:15:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:04 GMT
RCI_300x250_bkup.jpg
s0.2mdn.net/sadbundle/13248889957521765018/ Frame 9FB0 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13248889957521765018/RCI_300x250_bkup.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
5b4f3a373b43be45d287885bf775e4f4277509f7543f414b19ff208f28eb7ba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13248889957521765018/index.html?e=69&leftOffset=0&topOffset=0&c=wqf3CJvcPn&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:04 GMT
x-content-type-options
nosniff
age
5808
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36584
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:15:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:04 GMT
RCI_160x600_border.png
s0.2mdn.net/sadbundle/13265726895353787564/ Frame A3AE 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13265726895353787564/RCI_160x600_border.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=Oih8PdIIYT&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
cbf2a9054cab9fe08902b75da962ec0be18a1dd00b92b247383060b612faf6de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=Oih8PdIIYT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:37 GMT
x-content-type-options
nosniff
age
5775
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20412
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:15:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:37 GMT
RCI_160x600_3.png
s0.2mdn.net/sadbundle/13265726895353787564/ Frame A3AE 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13265726895353787564/RCI_160x600_3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=Oih8PdIIYT&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
a1e514ace313ba09ad624c686083be7ef29ef76c2d6c71ed73c00c132a546349
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=Oih8PdIIYT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:37 GMT
x-content-type-options
nosniff
age
5775
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14275
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:15:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:37 GMT
RCI_160x600_2.png
s0.2mdn.net/sadbundle/13265726895353787564/ Frame A3AE 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13265726895353787564/RCI_160x600_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=Oih8PdIIYT&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
782d79cd583e2ace22643b00d177e9c1a2e0d87a497fdc758ac6715d529d34b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=Oih8PdIIYT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:37 GMT
x-content-type-options
nosniff
age
5775
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18228
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:15:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:37 GMT
RCI_160x600_1.png
s0.2mdn.net/sadbundle/13265726895353787564/ Frame A3AE 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13265726895353787564/RCI_160x600_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=Oih8PdIIYT&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
60e07109ca0338dcae39f8d49c17b3b234dc81fb534ae3d6ab44060a52c2d4fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=Oih8PdIIYT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:37 GMT
x-content-type-options
nosniff
age
5775
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39062
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:15:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:37 GMT
RCI_160x600_bkg.jpg
s0.2mdn.net/sadbundle/13265726895353787564/ Frame A3AE 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13265726895353787564/RCI_160x600_bkg.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=Oih8PdIIYT&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
1569edf4d640812bab5eb3a22e439cfd35f8b26c83c919f7a339dc471c2ee8b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=Oih8PdIIYT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:37 GMT
x-content-type-options
nosniff
age
5775
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39215
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:15:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:37 GMT
RCI_160x600_bkup.jpg
s0.2mdn.net/sadbundle/13265726895353787564/ Frame A3AE 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13265726895353787564/RCI_160x600_bkup.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=Oih8PdIIYT&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
24fde836e50593b3f4e0edc1159d640f85fabd022520b7bba8c5a688b98e0232
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13265726895353787564/index.html?e=69&leftOffset=0&topOffset=0&c=Oih8PdIIYT&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:37 GMT
x-content-type-options
nosniff
age
5775
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32349
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 02:15:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:37 GMT
v2.js
cdn4-hbs.affinitymatrix.com/hvrlib/bolatimes.com/1697457242/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4-hbs.affinitymatrix.com/hvrlib/bolatimes.com/1697457242/v2.js
Requested by
Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/hvrcnf/bolatimes.com/171010/index?t=171010
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-b.bitgravity.com
Software
v/6.7.6/6.5.25/v10sin1-www /
Resource Hash
aaffe543bb5a01ce9cab9f9e2d8fc9df9efb721248fd1c49e621d0a91dede90b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-version
9
date
Thu, 16 Nov 2023 22:57:55 GMT
content-encoding
gzip
x-real-ip
39.109.224.42
server
v/6.7.6/6.5.25/v10sin1-www
age
13137
x-tata-request-id
2f20276fa9b6f8737d29852e5e5f8d2e, 2f20276fa9b6f8737d29852e5e5f8d2e
vary
Accept-Encoding
x-cache
HIT,v10sin1
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
23468
expires
Sat, 16 Nov 2024 02:36:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8446 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
66c7e9a6605b6c1ced90483eb699b60aeebda7a33a23c7632934f0488c5c68b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5840
x-xss-protection
0
RCI_728x90_border.png
s0.2mdn.net/sadbundle/9615721082864171147/ Frame 8446 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9615721082864171147/RCI_728x90_border.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
dcaba92cdf59aea605e766e5e40f341b4cce9bc463c0fa0ce97d4985a6859b43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9615721082864171147/index.html?e=69&leftOffset=0&topOffset=0&c=QrNF7Pkd6E&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:09 GMT
x-content-type-options
nosniff
age
5803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17541
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 00:47:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:09 GMT
RCI_728x90_7.png
s0.2mdn.net/sadbundle/9615721082864171147/ Frame 8446 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9615721082864171147/RCI_728x90_7.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
e3a43cbae9f436d19ba791a2cbff41dbf5c711f93adb10e31e1ffa2b508f552b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9615721082864171147/index.html?e=69&leftOffset=0&topOffset=0&c=QrNF7Pkd6E&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:09 GMT
x-content-type-options
nosniff
age
5803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11604
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 00:47:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:09 GMT
RCI_728x90_6.png
s0.2mdn.net/sadbundle/9615721082864171147/ Frame 8446 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9615721082864171147/RCI_728x90_6.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
7d83abe1359e281d2ac57ecae09773d3bedde69af290aa0da28f39ca82934bc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9615721082864171147/index.html?e=69&leftOffset=0&topOffset=0&c=QrNF7Pkd6E&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:09 GMT
x-content-type-options
nosniff
age
5803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13548
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 00:47:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:09 GMT
RCI_728x90_5.png
s0.2mdn.net/sadbundle/9615721082864171147/ Frame 8446 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9615721082864171147/RCI_728x90_5.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
aa5fdaca2a89a0342618ad7f221577ecc4c261e047e056340c0b75c1cce6a483
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9615721082864171147/index.html?e=69&leftOffset=0&topOffset=0&c=QrNF7Pkd6E&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:09 GMT
x-content-type-options
nosniff
age
5803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17166
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 00:47:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:09 GMT
RCI_728x90_4.png
s0.2mdn.net/sadbundle/9615721082864171147/ Frame 8446 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9615721082864171147/RCI_728x90_4.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
11329695813bcaf032fc8d59627e0d2f8a41fae671be984107a9a1c59910c78e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9615721082864171147/index.html?e=69&leftOffset=0&topOffset=0&c=QrNF7Pkd6E&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:09 GMT
x-content-type-options
nosniff
age
5803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8268
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 00:47:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:09 GMT
RCI_728x90_3.png
s0.2mdn.net/sadbundle/9615721082864171147/ Frame 8446 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9615721082864171147/RCI_728x90_3.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
e5489ce4eca7b3b322631ed6832e2650e3234d49896f2c8628c136137a91fa0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9615721082864171147/index.html?e=69&leftOffset=0&topOffset=0&c=QrNF7Pkd6E&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:09 GMT
x-content-type-options
nosniff
age
5803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12061
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 00:47:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:09 GMT
RCI_728x90_2.png
s0.2mdn.net/sadbundle/9615721082864171147/ Frame 8446 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9615721082864171147/RCI_728x90_2.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
ec5f9bf4dd5a9159928f94467c828317f653ca5330595db3fce41d06c3a56d65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9615721082864171147/index.html?e=69&leftOffset=0&topOffset=0&c=QrNF7Pkd6E&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:09 GMT
x-content-type-options
nosniff
age
5803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20351
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 00:47:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:09 GMT
RCI_728x90_1.png
s0.2mdn.net/sadbundle/9615721082864171147/ Frame 8446 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9615721082864171147/RCI_728x90_1.png
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
31d750b1a8bfae26043465fcd0951a982de23503b2265891a3a6929fe0f52768
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9615721082864171147/index.html?e=69&leftOffset=0&topOffset=0&c=QrNF7Pkd6E&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:09 GMT
x-content-type-options
nosniff
age
5803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19264
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 00:47:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:09 GMT
RCI_728x90_bkg.jpg
s0.2mdn.net/sadbundle/9615721082864171147/ Frame 8446 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9615721082864171147/RCI_728x90_bkg.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
98184db30baf34d5949deb54c2a3c0851c909dfcb4bdecb1a57c4e24cd930295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9615721082864171147/index.html?e=69&leftOffset=0&topOffset=0&c=QrNF7Pkd6E&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:09 GMT
x-content-type-options
nosniff
age
5803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23533
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 00:47:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:09 GMT
RCI_728x90_bkup.jpg
s0.2mdn.net/sadbundle/9615721082864171147/ Frame 8446 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9615721082864171147/RCI_728x90_bkup.jpg
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
sffe /
Resource Hash
0fa1db28c7b16a31b3ae04abee124e003cad337c553c935b8967fd33acf32607
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9615721082864171147/index.html?e=69&leftOffset=0&topOffset=0&c=QrNF7Pkd6E&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:00:09 GMT
x-content-type-options
nosniff
age
5803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33962
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 00:47:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 01:00:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DED0 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BgMzFw9FWZfikMYaB3LUPnK-v8A8AAAAAOAHgBAI&bg=!S0ilSAfNAAZxrfrxUa07ADQBe5WfONB4E8pzchJcX_p_5asmlREttBZRKNoKGNSt5MWpGrSN8h5knl1z8K79xFSlU0RrAgAAAS1SAAAABGgBB5kDAEDm-bD7HSPD-KCquZJ9JcRRsbN7lDHxjxyyNw3iTHw2Yf7UeLf_9G677HlaZcQmZWoFlWAzfAYThpguH1JG3TNKxtYW2-So0YlqgSjwUNYHPFV4tIauE4ENhTWmQLZFGApjFK7YYsc06ucH5JMw_Xnr-WZaNuTHGH4EhvFPQ6Vk3MhQOWuoqPPu29NvDZ1Kxjm9I7UhU4ybIF5wL0DNj9L50_rEVbg-ZzxdTINvhNLh8U_irbmtL0P-lT7_D0LLawiS3Hndr7wUQJcqlbcQK3LifiNHuABm1LeBnTSFCUy4hXV3TmER6pmJ_aJxDnTkvLpX51RC8-t78N2NCmemBj2gX0KiAKUwdEge5d9yseZ003uyD4ptL9Y-8AxBQ5qYe-RGhVzzxnXtQXGZgKmINQaq-yNe0jZDw8f3PCl8NNNXb_IixQ5yDXqFr8zvwLCyzlbKNjo1YEP-AnvJ2FaMSrS9lcvpQBZQtunVWyCk5GCMU5gCGk_wRk4Bn3YWk5BmsN7CTicDpBcBoAgqpEC429mwPCUa6lfrQd4_puE5RTPYnBuBnfNrUb4GHXAqybzzRt7EexuEIHE4wecnqBzSmQDHKvI-4TwJHxTdxJkSGQ2AMXiuFe-K5Z4TJjk5iXINbBw5c3YqFSc1NDi4Rgw5FxFGWbUD92Cg1420ljqPlBPIj8iXTKl9tE8JpYKn766Aqa0TdTs5DqDkb12PspsXcEXn9jJkbNEzFYAJ-ckSLfY2BL3Q8cW9OpkaQ4Qtm23xxetSTuC4eTSU961-JWE1A_FT_4gweF3HR0vPlQai76om6uD_g4IMSCoTvZl1EPt7Ve8d5HM79M63ML11W117CeysikbUt1wZnRa1N0c424OlvRMtTH6cW_QP3iLiNmByNk-owQqiRQ48AEJ5IuEeeKRmD7Wfu5TpdsrfFGzq2HUgktDcVU94XtGs4pd47ry1wOUqnu_2xVYf0cYxmSOSeMCJwNv7hx-KQSkRQ4Hz70f8uH5qwFCz1PG1FlaWT9WvEQ
Requested by
Host: www.bolatimes.com
URL: https://www.bolatimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
affhb.data.js.php
cdn4-hbs.affinitymatrix.com/v5/hvr_bolatimes.com/ 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4-hbs.affinitymatrix.com/v5/hvr_bolatimes.com/affhb.data.js.php?t=171010
Requested by
Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/hvrlib/bolatimes.com/1697457242/v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-b.bitgravity.com
Software
v/6.7.6/6.5.25/v10sin1-www /
Resource Hash
59f628436f747d32973941f468ab47b5307cdbba88ea740455f7fd912f5cf9a8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-version
9
date
Thu, 02 Nov 2023 05:48:48 GMT
content-encoding
gzip
x-real-ip
39.109.224.42
server
v/6.7.6/6.5.25/v10sin1-www
age
1284654
x-tata-request-id
81028f23bc05b5653d6549d579e38bfd, 81028f23bc05b5653d6549d579e38bfd
vary
Accept-Encoding
x-cache
HIT,v10sin1
content-type
application/Javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
19481
expires
Sat, 16 Nov 2024 02:36:52 GMT
6531334a843eb9eeda76b437
c.bannerflow.net/a/ Frame 8139 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/6531334a843eb9eeda76b437?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssvqWodb6HoMZ33lyfzU4O78tK1LNGiCyM4c_w9HqQXun0CsHdxeioGP_Pj94I2oJnABZ6qXdoz4dUIQ8XQvjx8QBO7MHZnqenmtR99jbY7j73zhebgvuHX0IDV7U_cbEPEFHQj-DUxRPRRzaRd3-To8YQmOhTGmS7qz-wEVF-a-_NuXuDO2ip8DcVrSLAzkwEGm6nWFdyHE0gLihGJUFRw_DzN08ZkCGqy_lLAXrhqG1BrrwcNekYYCawY5IlK_ofc2CDnsYPOopeTlnzyDz1zrvg1rSOfyBbvFu8UgjMHi6F4ZN6WYtQ644rGQVGW5TRQJis8Kf-sy62Ub_AuLi2TKbjys5xHG_RIHUOCbHmMSzcNPGs-LwvtdofNs-2cF1-XXI0BKfEeL6nZYqFbe0W3_Tcz4mzpk3BMIx5T5klbsBdZHMYKftE94OY0UozMeeLoAPros389CBNsHZsz3ht7hLFKUJ1d075SVNykZrVHYLD4ITiEgYggseaeHHJ82RLugRpk7MeshX26EL2uTokWK5_xyC2oDCu9l_3xaikIHn1AmUIccIU7rl7-N4gb14zxvXQ1a4g-txHYOGW5e8zYGgm_yJFMajClRDRJcI08sfRkCcFDaZzQdnby-Au28QYCOx-RsEAY8ufqmDPKmvLsqFT3RGrzxmF1napbxrNABln6sTncqyfgNNQYbNGRULntZFJjtoJuhkO6tXHR9zIDk4w_xpz2zsrH9mqsyp41HNNTU-Thlk_OKvHxWwGDLpDagKtlXfmQTtJX31FDwrL0G9q8Vp1JG_E0K41Dp3upe91CspNIskoUuI-D2uZBkLn2aZO99bjyYA7E9CSX_4dCm7NzhXb0796Gf2AeOOow08cfAl6OmNQur6ncS-1bXqzgJFGl7pmbWFYZrL_iPhIvifus5ToDFQpFv4fYm4LpcY0eTid8l8fO9KadjG89DfyAYaNnADDyYXLxAtGVNEE7juprWP6gw7iCKlpmzJfJABDekdNKZLC8bLkN4to7-dLr4PRWiBb-BMjyZYVdvzruPnwxsOCUp4RD86hSp-72wrAhAfEhuKZpexvE1K6-WP7Huhs2eYUg4YpXF6Vbc7KM3acs-edUh8L79AM2PYkEiLq9z2yK3TJDJKWkdnL8f4UBcTy93-2-cRO40gMI4sHrhawpoBlVHYnaDKRESBspjeU7c-l-AubUoSbbkeLvk7ht4BQeAqOQL_QhiyzkqWIhJZ_LSLtJuw3k_40U9suE7HRp89Rb0U5AfGMQRrIV6BQz8TRlrq3XTbNyCfdapG9FBVhBeAjGAfsNGCj4FjQ2hWC_y0KxWx2XhC5ez4-IUiwfTSATRmtLRzJ3FWZSYsf22mUoGj9FB5LSMwaxu4Sjg-YY3S25GNSlg8G0a3tCdjRKQnntKtFZvhS9pP9thryw6jr8lYI3J43oRvVFQ5i01V2nJoc0xirpfTayYwMP90EVwq6CR6Dr9Nge1t3B3puDcE45-54LwG5CcVrC5IKAk12YKJ3IUZasTPWAHriEO1QlSBe_mk0kPSY%26sai%3DAMfl-YTtqCghKI6e8DJZOH_URYXhJa3PTKt5io6QgTSfdeQwFtF4W1XMMGXhIFFbf7eK71tfFkcLOndf-woZ_TIZ6ckDY10fxXsQlbFhiNzr4scKfcEPCNP8CgjnY5kxXe98GtP9vtn8U1iWMtk3IcyA7q44wK0onmoMkU0RkL_gyQ0CxYfN10eKn6C9-SZDmfepNvgcTuJMTMW3CctPD2M5L_d6CJPUMdo_fJpgSPAFqfOxMg2VJgU3A8SE9c4JI-sqbzWb_AI256I-xcV566zPaFyPWEAaFUx1t356q6FCuj6VfNXUuSH9sN7tqX9hz0Xy-PqKvZcbljj-wQ%26sig%3DCg0ArKJSzMcMAQltjzemEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-sg%252Fcampaigns%252Ftrading-oil%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014431490_20642982854_524285826
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16031603795926450176/SG_Oil_Price-1-Singapore-970x250-638333200396802132-8d6f58ae-9447-4aca-bf13-ad5da8eb240a.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c892201d0583b03bdd5fd8b7db09d092b9a930b77c57e7d0c0bfab8a8d6bc91

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 Nov 2023 02:36:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
827496b2886a3dbf-SIN
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
activeview
pagead2.googlesyndication.com/pcs/ Frame 9562 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvm7tzCKZOTLjJCX2YSHutRcplV4SueFgJkj016zdv2XJen4IQMy9l-_kilDduoqW4mJtnmau4NziZKe5ThT7gbJ2ujM7S1XYtGikxjx99HLdpSLVwNxfsCRo-Og4X-gFwvB9_-oCILdQ&sai=AMfl-YThK03TJZvuI4HK2bAYZDmiqlGFH1ZBcOwwXOXpGuGANCo_NloEYhou1tY8qy98dQuWr2yJnQ3b2yyoBa6l3oEgtLBVac0_wuLN9c0QEImvou5-U8Z7nn2Sw2VIimgmPzP_mniaHtvXeq9tVkIj&sig=Cg0ArKJSzK-EPHSMRGM0EAE&cid=CAQSTgDICaaNBZQXnmM_Wfave3NHroK20JJlF2D1uDaVvOwexvIfWf3BbY9vpJ9J3fBxIsAqf6vD7KtLQRGD7IFHb3bOOe0r6nWK6Tnx7-YLIBgB&id=lidar2&mcvt=1016&p=100,1414,140,1455&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2729229666&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700188610614&rpt=743&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ED6D 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrkXBxkSNovbi5xVfCAystbO3EFLeVkgUWRBTzTZlU6IW4RJA5HAqxjMhuvNLgrAFiqFJ8aPfNDRwpnFugIJ9dB8cjvLa6KmzIq0uzVS9A_rMzvdOLgjtHcZFRNB0Z7aj2Qnp4_IwH3g&sai=AMfl-YRL92r8hvUYqAhiDD12_80z8lawyQ_LIqp00T69uI_Ge86stbgUwfx2tl0xjBScUXfbe92eGQPQ1eZLXppFE5mwhjN2OP9t8uOZRySy7DLuCAGlZ6UVdd1AtCxLOqiPlgZnoIibbbMS9MnzHyux&sig=Cg0ArKJSzDrYyqs3dVgJEAE&cid=CAQSTgDICaaNBZQXnmM_Wfave3NHroK20JJlF2D1uDaVvOwexvIfWf3BbY9vpJ9J3fBxIsAqf6vD7KtLQRGD7IFHb3bOOe0r6nWK6Tnx7-YLIBgB&id=lidar2&mcvt=1019&p=100,264,140,305&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=307847192&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700188610624&rpt=825&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid7.50.0-dbacd93f4e9ef5234d7559d1c17a7d5a.js
cdn4-hbs.affinitymatrix.com/app/pbjs/2023B/ 		291 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4-hbs.affinitymatrix.com/app/pbjs/2023B/prebid7.50.0-dbacd93f4e9ef5234d7559d1c17a7d5a.js
Requested by
Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/v5/hvr_bolatimes.com/affhb.data.js.php?t=171010
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.185.181.238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
pc-b.bitgravity.com
Software
v/6.7.6/6.5.25/v10sin1-www /
Resource Hash
4ec5cd81705e6dc7f93b1cf2a50aceecd31eec90148211f623e3d11e3480bac6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-version
9
date
Thu, 02 Nov 2023 05:48:48 GMT
content-encoding
gzip
last-modified
Wed, 01 Nov 2023 07:35:27 GMT
server
v/6.7.6/6.5.25/v10sin1-www
age
1284653
x-tata-request-id
6f889200424ee692ec66683458509ca2, 6f889200424ee692ec66683458509ca2
x-real-ip
39.109.224.42
vary
Accept-Encoding
x-cache
HIT,v10sin1
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
112606
expires
Sat, 16 Nov 2024 02:36:53 GMT
cfg.php
hbs.ph.affinity.com/app/ 		148 B
356 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hbs.ph.affinity.com/app/cfg.php?d=hvr_bolatimes.com
Requested by
Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/v5/hvr_bolatimes.com/affhb.data.js.php?t=171010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.68.18 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
18.68.96.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1378eff63769b68f255cab9f77f5f82e70b7674ae10acbc8be69f8b0582c608d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:53 GMT
content-encoding
gzip
via
1.1 google
server
nginx
vary
Accept-Encoding
content-type
application/Javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1708 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4DOZ3xN0ub0-eN8kxZ_StGjtRZonrPKUyQxYt5EooASNFhnuwEUbahtYQkvCxAYsvsIYFyFqCO8I8wxddAld6vx_l6yE_wZxLDkOSn-enwCJPzKCJqXT20MdslrPa349ajSlZuxGkobxEnLduKMp26yN8UzDBdCPYnS077tX704sdz20M7jTEXyO7a-b-RRwLtvS7XbKUacIx-rjjotjVmEiF20D1RpYQcKjvyyOpxaD2D4qJjYSQxvjlmxkJtYltEp7bR4uisuPxNm-SExKd_EcWyKOv7o9n9a_Ln5UX2_XtdKhAQBdmUoVNRwreRnOz-M6e8LtebyLV0C270Lsd000YwoFIadZ8LAvoMuHlVjM7mR6CIfEZ&sai=AMfl-YQToR3rGo3EJysLHalL0xaxtzBTCAtB_XKhG4AnBNxT--2sHgZSrYXRX6Yru9HjiQ90LiZ2YETQzXHFLDwx31iTgO_BhmOSF2x1fVtVUiaA2FJU1qZUnFSGL05RgVvDiBOksZ7GC0qBdM0Gg-q8Xw4&sig=Cg0ArKJSzMJqtse50auQEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 17 Nov 2023 02:36:53 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 38C4 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqsfgX4Ndtm1JvYbRgkYfJnLmaueST_aLkPLeepfIHIWA57KG0a61Xzag-N7d0k0LEzIUL4K5Ax_ysFuZ77bmQvBii7tIU_dB2HbRaeFNX4erS8_ea1ny_kMmmc7e5LhmFt9wGYI3NtQ&sai=AMfl-YRf9igC-TZZ3I1hfAmVjZfaXsT8laaCUoB5HpKYKfDkuP1qFT4ETUH0SMtYnoN0t5JxyONC9JPpfw2WF6CuogwyUWKveqh-ZQ_gwx8NkAG3pTlc6N9i-q9TqrY7ATJKuyV_ZWDnQ3nBdonlGIta&sig=Cg0ArKJSzARNXWFYUKr1EAE&cid=CAQSTgDICaaNBZQXnmM_Wfave3NHroK20JJlF2D1uDaVvOwexvIfWf3BbY9vpJ9J3fBxIsAqf6vD7KtLQRGD7IFHb3bOOe0r6nWK6Tnx7-YLIBgB&id=lidar2&mcvt=1001&p=100,315,350,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1285832963&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700188610550&rpt=1466&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231117
Requested by
Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/app/pbjs/2023B/prebid7.50.0-dbacd93f4e9ef5234d7559d1c17a7d5a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4452a656d8e30f51db5e00d47fc827013467f6c77d0eb2de0b086e752ebf9262
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bolatimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 02:36:54 GMT
x-content-type-options
nosniff
content-encoding
br
age
38165
x-jsd-version
1.0.1876
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
838
x-served-by
cache-fra-eddf8230103-FRA, cache-qpg1246-QPG
x-jsd-version-type
version
etag
W/"63b-x6r4vBjPDeNqG5LT7S05uqZKQHo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
style
accounts.google.com/gsi/ 		533 B
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f84.1e100.net
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-u-xHjsvqFqm5z8nREazkqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:53 GMT
content-security-policy
script-src 'report-sample' 'nonce-u-xHjsvqFqm5z8nREazkqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 17 Nov 2023 02:36:53 GMT
status
accounts.google.com/gsi/ 		40 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=293467744355-vihrbi7vh8egdr8j3c2llmgla83g1i5i.apps.googleusercontent.com&as=CqTe0MeQFU6DXO1wcVI2EA
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f84.1e100.net
Software
ESF /
Resource Hash
f6185934848f81fed204191bdefef62ffcb16faf4bebddb51db33f975e824c6f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_Vfp3KAs-x6ODJwGKPJsQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:53 GMT
content-security-policy
script-src 'report-sample' 'nonce-_Vfp3KAs-x6ODJwGKPJsQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bolatimes.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
b74f014560cbd04507f527744fa71f097bea8d22026835fd5565607f06aab853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12388
x-xss-protection
0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F66BE12D1ECC4353B98948E83D90707B&RedC=c.clarity.ms&MXFR=23015500ABB063D22AC846CCAFB06D1E
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F66BE12D1ECC4353B98948E83D90707B&MUID=0F9DA9A4801762490A7ABA6881226374
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F66BE12D1ECC4353B98948E83D90707B&MUID=0F9DA9A4801762490A7ABA6881226374
Protocol
H2
Server
20.125.62.241 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:54 GMT
last-modified
Wed, 30 Aug 2023 08:44:09 GMT
server
Microsoft-IIS/10.0
etag
"41be6e241edbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 517DA4DC95A2459C97C13F44150B9D21 Ref B: SG2EDGE3315 Ref C: 2023-11-17T02:36:55Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F66BE12D1ECC4353B98948E83D90707B&MUID=0F9DA9A4801762490A7ABA6881226374
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 949D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 02:36:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A3AE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 02:36:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9FB0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 02:36:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8446 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 02:36:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 02:36:53 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 11A0 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:07:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
156560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 07:07:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 38C4 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3474695440923&version=m202309260101&ct=76&x=1&cor=10700197431386034000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 40B6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:07:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
156560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 07:07:33 GMT
document.000000BE992B5D.js
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/5147326/7254645/ Frame 8139 		29 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/5147326/7254645/document.000000BE992B5D.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6531334a843eb9eeda76b437?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssvqWodb6HoMZ33lyfzU4O78tK1LNGiCyM4c_w9HqQXun0CsHdxeioGP_Pj94I2oJnABZ6qXdoz4dUIQ8XQvjx8QBO7MHZnqenmtR99jbY7j73zhebgvuHX0IDV7U_cbEPEFHQj-DUxRPRRzaRd3-To8YQmOhTGmS7qz-wEVF-a-_NuXuDO2ip8DcVrSLAzkwEGm6nWFdyHE0gLihGJUFRw_DzN08ZkCGqy_lLAXrhqG1BrrwcNekYYCawY5IlK_ofc2CDnsYPOopeTlnzyDz1zrvg1rSOfyBbvFu8UgjMHi6F4ZN6WYtQ644rGQVGW5TRQJis8Kf-sy62Ub_AuLi2TKbjys5xHG_RIHUOCbHmMSzcNPGs-LwvtdofNs-2cF1-XXI0BKfEeL6nZYqFbe0W3_Tcz4mzpk3BMIx5T5klbsBdZHMYKftE94OY0UozMeeLoAPros389CBNsHZsz3ht7hLFKUJ1d075SVNykZrVHYLD4ITiEgYggseaeHHJ82RLugRpk7MeshX26EL2uTokWK5_xyC2oDCu9l_3xaikIHn1AmUIccIU7rl7-N4gb14zxvXQ1a4g-txHYOGW5e8zYGgm_yJFMajClRDRJcI08sfRkCcFDaZzQdnby-Au28QYCOx-RsEAY8ufqmDPKmvLsqFT3RGrzxmF1napbxrNABln6sTncqyfgNNQYbNGRULntZFJjtoJuhkO6tXHR9zIDk4w_xpz2zsrH9mqsyp41HNNTU-Thlk_OKvHxWwGDLpDagKtlXfmQTtJX31FDwrL0G9q8Vp1JG_E0K41Dp3upe91CspNIskoUuI-D2uZBkLn2aZO99bjyYA7E9CSX_4dCm7NzhXb0796Gf2AeOOow08cfAl6OmNQur6ncS-1bXqzgJFGl7pmbWFYZrL_iPhIvifus5ToDFQpFv4fYm4LpcY0eTid8l8fO9KadjG89DfyAYaNnADDyYXLxAtGVNEE7juprWP6gw7iCKlpmzJfJABDekdNKZLC8bLkN4to7-dLr4PRWiBb-BMjyZYVdvzruPnwxsOCUp4RD86hSp-72wrAhAfEhuKZpexvE1K6-WP7Huhs2eYUg4YpXF6Vbc7KM3acs-edUh8L79AM2PYkEiLq9z2yK3TJDJKWkdnL8f4UBcTy93-2-cRO40gMI4sHrhawpoBlVHYnaDKRESBspjeU7c-l-AubUoSbbkeLvk7ht4BQeAqOQL_QhiyzkqWIhJZ_LSLtJuw3k_40U9suE7HRp89Rb0U5AfGMQRrIV6BQz8TRlrq3XTbNyCfdapG9FBVhBeAjGAfsNGCj4FjQ2hWC_y0KxWx2XhC5ez4-IUiwfTSATRmtLRzJ3FWZSYsf22mUoGj9FB5LSMwaxu4Sjg-YY3S25GNSlg8G0a3tCdjRKQnntKtFZvhS9pP9thryw6jr8lYI3J43oRvVFQ5i01V2nJoc0xirpfTayYwMP90EVwq6CR6Dr9Nge1t3B3puDcE45-54LwG5CcVrC5IKAk12YKJ3IUZasTPWAHriEO1QlSBe_mk0kPSY%26sai%3DAMfl-YTtqCghKI6e8DJZOH_URYXhJa3PTKt5io6QgTSfdeQwFtF4W1XMMGXhIFFbf7eK71tfFkcLOndf-woZ_TIZ6ckDY10fxXsQlbFhiNzr4scKfcEPCNP8CgjnY5kxXe98GtP9vtn8U1iWMtk3IcyA7q44wK0onmoMkU0RkL_gyQ0CxYfN10eKn6C9-SZDmfepNvgcTuJMTMW3CctPD2M5L_d6CJPUMdo_fJpgSPAFqfOxMg2VJgU3A8SE9c4JI-sqbzWb_AI256I-xcV566zPaFyPWEAaFUx1t356q6FCuj6VfNXUuSH9sN7tqX9hz0Xy-PqKvZcbljj-wQ%26sig%3DCg0ArKJSzMcMAQltjzemEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-sg%252Fcampaigns%252Ftrading-oil%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014431490_20642982854_524285826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4905bdcd38e0a58ccd59e35935542e4ca029786bac89ac7059a41ddaf096139

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Nov 2023 02:36:53 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
wl2/P+TKrgy/PpJkEhsLaA==
age
609390
cf-polished
origSize=33836
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Fri, 08 Sep 2023 15:23:02 GMT
server
cloudflare
etag
W/"0x8DBB07F7DC15737"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e0b367dd-201e-004a-3174-13765c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827496b3c9483dbf-SIN
animated-creative.b105a4e6577fb08357fd.js
c.bannerflow.net/scripts/ Frame 8139 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6531334a843eb9eeda76b437?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssvqWodb6HoMZ33lyfzU4O78tK1LNGiCyM4c_w9HqQXun0CsHdxeioGP_Pj94I2oJnABZ6qXdoz4dUIQ8XQvjx8QBO7MHZnqenmtR99jbY7j73zhebgvuHX0IDV7U_cbEPEFHQj-DUxRPRRzaRd3-To8YQmOhTGmS7qz-wEVF-a-_NuXuDO2ip8DcVrSLAzkwEGm6nWFdyHE0gLihGJUFRw_DzN08ZkCGqy_lLAXrhqG1BrrwcNekYYCawY5IlK_ofc2CDnsYPOopeTlnzyDz1zrvg1rSOfyBbvFu8UgjMHi6F4ZN6WYtQ644rGQVGW5TRQJis8Kf-sy62Ub_AuLi2TKbjys5xHG_RIHUOCbHmMSzcNPGs-LwvtdofNs-2cF1-XXI0BKfEeL6nZYqFbe0W3_Tcz4mzpk3BMIx5T5klbsBdZHMYKftE94OY0UozMeeLoAPros389CBNsHZsz3ht7hLFKUJ1d075SVNykZrVHYLD4ITiEgYggseaeHHJ82RLugRpk7MeshX26EL2uTokWK5_xyC2oDCu9l_3xaikIHn1AmUIccIU7rl7-N4gb14zxvXQ1a4g-txHYOGW5e8zYGgm_yJFMajClRDRJcI08sfRkCcFDaZzQdnby-Au28QYCOx-RsEAY8ufqmDPKmvLsqFT3RGrzxmF1napbxrNABln6sTncqyfgNNQYbNGRULntZFJjtoJuhkO6tXHR9zIDk4w_xpz2zsrH9mqsyp41HNNTU-Thlk_OKvHxWwGDLpDagKtlXfmQTtJX31FDwrL0G9q8Vp1JG_E0K41Dp3upe91CspNIskoUuI-D2uZBkLn2aZO99bjyYA7E9CSX_4dCm7NzhXb0796Gf2AeOOow08cfAl6OmNQur6ncS-1bXqzgJFGl7pmbWFYZrL_iPhIvifus5ToDFQpFv4fYm4LpcY0eTid8l8fO9KadjG89DfyAYaNnADDyYXLxAtGVNEE7juprWP6gw7iCKlpmzJfJABDekdNKZLC8bLkN4to7-dLr4PRWiBb-BMjyZYVdvzruPnwxsOCUp4RD86hSp-72wrAhAfEhuKZpexvE1K6-WP7Huhs2eYUg4YpXF6Vbc7KM3acs-edUh8L79AM2PYkEiLq9z2yK3TJDJKWkdnL8f4UBcTy93-2-cRO40gMI4sHrhawpoBlVHYnaDKRESBspjeU7c-l-AubUoSbbkeLvk7ht4BQeAqOQL_QhiyzkqWIhJZ_LSLtJuw3k_40U9suE7HRp89Rb0U5AfGMQRrIV6BQz8TRlrq3XTbNyCfdapG9FBVhBeAjGAfsNGCj4FjQ2hWC_y0KxWx2XhC5ez4-IUiwfTSATRmtLRzJ3FWZSYsf22mUoGj9FB5LSMwaxu4Sjg-YY3S25GNSlg8G0a3tCdjRKQnntKtFZvhS9pP9thryw6jr8lYI3J43oRvVFQ5i01V2nJoc0xirpfTayYwMP90EVwq6CR6Dr9Nge1t3B3puDcE45-54LwG5CcVrC5IKAk12YKJ3IUZasTPWAHriEO1QlSBe_mk0kPSY%26sai%3DAMfl-YTtqCghKI6e8DJZOH_URYXhJa3PTKt5io6QgTSfdeQwFtF4W1XMMGXhIFFbf7eK71tfFkcLOndf-woZ_TIZ6ckDY10fxXsQlbFhiNzr4scKfcEPCNP8CgjnY5kxXe98GtP9vtn8U1iWMtk3IcyA7q44wK0onmoMkU0RkL_gyQ0CxYfN10eKn6C9-SZDmfepNvgcTuJMTMW3CctPD2M5L_d6CJPUMdo_fJpgSPAFqfOxMg2VJgU3A8SE9c4JI-sqbzWb_AI256I-xcV566zPaFyPWEAaFUx1t356q6FCuj6VfNXUuSH9sN7tqX9hz0Xy-PqKvZcbljj-wQ%26sig%3DCg0ArKJSzMcMAQltjzemEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-sg%252Fcampaigns%252Ftrading-oil%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014431490_20642982854_524285826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c1a71b0825d5c2a91d238da77ede821f8df46b20974aa774f5bc03aefe6a45

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Nov 2023 02:36:53 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
lEV9j3pUvMgu01szZkbLog==
age
1387181
cf-polished
origSize=159577
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 31 Aug 2023 09:36:51 GMT
server
cloudflare
etag
W/"0x8DBAA05CE239A64"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
16525edb-301e-009d-7161-0c1f9c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827496b3d9503dbf-SIN
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 8C0C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:07:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
156560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 07:07:33 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame E4F8 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:07:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
156560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 07:07:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 64AB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bolatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
6959
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 00:40:54 GMT
expires
Sat, 16 Nov 2024 00:40:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7815 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f106.1e100.net
Software
GSE /
Resource Hash
ab2154514cd89776005ddbc81a1dfbe05a7031f51bdb6fc1220d02c059c76e3e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Dd-n8VPzM23rBgOF18lZaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bolatimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Dd-n8VPzM23rBgOF18lZaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:36:54 GMT
expires
Fri, 17 Nov 2023 02:36:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 64AB 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:07:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
156561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 07:07:33 GMT
truncated
/ Frame 8139 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/webp
bb2673b0-7ffa-49dc-a61d-ae6032fbc3e4
https://s0.2mdn.net/ Frame 7A7D 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://s0.2mdn.net/bb2673b0-7ffa-49dc-a61d-ae6032fbc3e4
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
668
Content-Type
font
c.bannerflow.net/fs/api/v2/ Frame 8139 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%0A%20%2a%2C.012CDEFILNRSTabcdefghiklmnoprstuvy
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16031603795926450176/SG_Oil_Price-1-Singapore-970x250-638333200396802132-8d6f58ae-9447-4aca-bf13-ad5da8eb240a.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eebe49ddc75f35be00173e45643a11cc28dce972dd1b53c44b2fe38603cb01a

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:54 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Nov 2023 14:11:27 GMT
server
cloudflare
age
735927
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray
827496ba19325ffc-SIN
expires
Thu, 07 Nov 2024 14:11:27 GMT
generate_204
tpc.googlesyndication.com/ Frame 64AB 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?N6snGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 7815 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=4347699013370239&rc=
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
collect
r.clarity.ms/ 		0
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.16/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bolatimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bolatimes.com
Date
Fri, 17 Nov 2023 02:36:54 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=4347699013370239&bg=!PD-lP3DNAAZxrfrxUa07ADQBe5WfOG_xMVEj9GHD8Qa3xytienCYI3QcY7rjqVnAt6-UcJe8VeBjax-qWSNaldKMGJRnAgAAAGhSAAAAA2gBBwoAcaL849rlv58viPFMFEX7n9DmcNkL5KNwXt-aqkQsXowvEuPoKhfDlPT67i2c7dFJvBalITv7ghTR8xPqTNJvOEGSwWdu7OFjG9vh5baptQsiN-avdFVmGViNqrQ10D21s3V68D1G54qtLpDzTQ7tq7Q2mQKtfo7nRDkQO5iKr4UMy8OgURpYub2J7ev4HWTJlVFVBM898xnJi-2aQQgIZWS8jrTb2003C5F3RYvvYZEW_jxfbdTBS8Q2Wx2NNUgD9z96qoOAW_7uc6oDo_oZhLnXh4wl8_e2BA-QVSY3AmLuaoxTzPDTJNtTl-PtzLvC5KNNkbIci5mMVoDk_yqzC_weG_2wK03qe__k6ugKXzTUk5ddINknsVtTwoeCEGkQ91k0AYIN4a-WGUxxrSwPDVw4T-BOu-7MhWDu0y6iKVAHbgnQxsjy-AjGyyGj-Hvz3gvnltNnTxhB6T025rTQadvLRpbN3MMIsjGqqfUIsQUbCP3Bn1Jcp8729zcuAved-76R95mqynpI1WQgeCAKAPvaN8Rq_ZWEMhNFjI8uquchZO00yYofF8uerGYogbBMuKAH0AMoLLt97i0h03nzrgk1AMPsuh8JIGg5NZZwFnOwGKE7ARXaj3P-rkI_oo8udwzj1RD6IquUqtf0P0sHXsrvS60ux12RsIVH1WlcWdIhRLwrz3td7YR62419mxp3Yq6p9um-9kKqgz_O2ExGXmgDnWUU8ry6GNFlEtJzva-qfVvx-9AUsh77KzZvkKuT6UrUftuXc0JVSpDyUB5__i8x6bHOXo2ZzI_a-YNXYkj8ngZ4L1suKi9ne7MpN3l5VuLg-7-D9MIwgS0FGUQUg9UBVBy3W-_htmVG4vuwfDMRs28x18c9RlYpEU6t6BwGMSlWWsZ1wfoWJXWR1g49Xzkf9suICeu-zeVp3oafjcunGt70s0Dpsw0wU0-GlVo8FarEwaUAGFCa1eOWyhQPoDbpSvCMM66_llotcQ4wedoPqNRpkGDVaYaoNU2_Ynr4A3XNgGLK4WNMG69x-DuPZfgIxT4QA5CjgylzrxQtMB5eoA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.bolatimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
font
c.bannerflow.net/fs/api/v2/ Frame 8139 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c.woff&t=%20Oacenoptu
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16031603795926450176/SG_Oil_Price-1-Singapore-970x250-638333200396802132-8d6f58ae-9447-4aca-bf13-ad5da8eb240a.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47500586c5c5acfe5c6d2ff6d08dbc9a443b7a10a67024ed18d6dc9fdefd821d

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:54 GMT
cf-cache-status
HIT
last-modified
Mon, 13 Nov 2023 23:15:25 GMT
server
cloudflare
age
271289
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c-subset.woff
cf-ray
827496baf9fb5ffc-SIN
expires
Tue, 12 Nov 2024 23:15:24 GMT
optimize
c.bannerflow.net/io/api/image/ Frame 25AB 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2F8e085100-2ec3-4466-95ca-48db100aab04.png&w=587&h=331&q=90&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a5d0a212d3bdf7f14e2a715ec3b4a5d590257e667549275f0cfbb035df8cf8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:55 GMT
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 07:23:56 GMT
api-supported-versions
2.0
server
cloudflare
age
69179
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
827496bbc8443dbf-SIN
content-length
30750
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
f73413de-d0dd-4d1f-bf1c-4584d3114b3d.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 25AB 		162 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/f73413de-d0dd-4d1f-bf1c-4584d3114b3d.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c48733c4adc791e44dd7992f55e7c1173a58caf8124037151c40c9ea39d708a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Nov 2023 02:36:55 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
G/UgpRWtf15wrwXzuEQPpQ==
age
4557
x-ms-lease-status
unlocked
last-modified
Wed, 05 Oct 2022 11:17:04 GMT
server
cloudflare
etag
W/"0x8DAA6C321B8024A"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b89d8e31-101e-006e-0b21-1480fc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827496bbc8453dbf-SIN
optimize
c.bannerflow.net/io/api/image/ Frame 25AB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2Fd3bc406b-e9da-4faa-b2a9-03d21dd7d364.png&w=134&h=60&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f63f749d2267dadb8b10c1ba7c6f8e36fac467e528647db47776a08b6d05a2f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:36:55 GMT
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 12:07:53 GMT
api-supported-versions
2.0
server
cloudflare
age
52142
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
827496bbc8473dbf-SIN
content-length
3152
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
/
c.bannerflow.net/tr/v2/pixel/ Frame 8139 		0
80 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6531334a843eb9eeda76b437?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssvqWodb6HoMZ33lyfzU4O78tK1LNGiCyM4c_w9HqQXun0CsHdxeioGP_Pj94I2oJnABZ6qXdoz4dUIQ8XQvjx8QBO7MHZnqenmtR99jbY7j73zhebgvuHX0IDV7U_cbEPEFHQj-DUxRPRRzaRd3-To8YQmOhTGmS7qz-wEVF-a-_NuXuDO2ip8DcVrSLAzkwEGm6nWFdyHE0gLihGJUFRw_DzN08ZkCGqy_lLAXrhqG1BrrwcNekYYCawY5IlK_ofc2CDnsYPOopeTlnzyDz1zrvg1rSOfyBbvFu8UgjMHi6F4ZN6WYtQ644rGQVGW5TRQJis8Kf-sy62Ub_AuLi2TKbjys5xHG_RIHUOCbHmMSzcNPGs-LwvtdofNs-2cF1-XXI0BKfEeL6nZYqFbe0W3_Tcz4mzpk3BMIx5T5klbsBdZHMYKftE94OY0UozMeeLoAPros389CBNsHZsz3ht7hLFKUJ1d075SVNykZrVHYLD4ITiEgYggseaeHHJ82RLugRpk7MeshX26EL2uTokWK5_xyC2oDCu9l_3xaikIHn1AmUIccIU7rl7-N4gb14zxvXQ1a4g-txHYOGW5e8zYGgm_yJFMajClRDRJcI08sfRkCcFDaZzQdnby-Au28QYCOx-RsEAY8ufqmDPKmvLsqFT3RGrzxmF1napbxrNABln6sTncqyfgNNQYbNGRULntZFJjtoJuhkO6tXHR9zIDk4w_xpz2zsrH9mqsyp41HNNTU-Thlk_OKvHxWwGDLpDagKtlXfmQTtJX31FDwrL0G9q8Vp1JG_E0K41Dp3upe91CspNIskoUuI-D2uZBkLn2aZO99bjyYA7E9CSX_4dCm7NzhXb0796Gf2AeOOow08cfAl6OmNQur6ncS-1bXqzgJFGl7pmbWFYZrL_iPhIvifus5ToDFQpFv4fYm4LpcY0eTid8l8fO9KadjG89DfyAYaNnADDyYXLxAtGVNEE7juprWP6gw7iCKlpmzJfJABDekdNKZLC8bLkN4to7-dLr4PRWiBb-BMjyZYVdvzruPnwxsOCUp4RD86hSp-72wrAhAfEhuKZpexvE1K6-WP7Huhs2eYUg4YpXF6Vbc7KM3acs-edUh8L79AM2PYkEiLq9z2yK3TJDJKWkdnL8f4UBcTy93-2-cRO40gMI4sHrhawpoBlVHYnaDKRESBspjeU7c-l-AubUoSbbkeLvk7ht4BQeAqOQL_QhiyzkqWIhJZ_LSLtJuw3k_40U9suE7HRp89Rb0U5AfGMQRrIV6BQz8TRlrq3XTbNyCfdapG9FBVhBeAjGAfsNGCj4FjQ2hWC_y0KxWx2XhC5ez4-IUiwfTSATRmtLRzJ3FWZSYsf22mUoGj9FB5LSMwaxu4Sjg-YY3S25GNSlg8G0a3tCdjRKQnntKtFZvhS9pP9thryw6jr8lYI3J43oRvVFQ5i01V2nJoc0xirpfTayYwMP90EVwq6CR6Dr9Nge1t3B3puDcE45-54LwG5CcVrC5IKAk12YKJ3IUZasTPWAHriEO1QlSBe_mk0kPSY%26sai%3DAMfl-YTtqCghKI6e8DJZOH_URYXhJa3PTKt5io6QgTSfdeQwFtF4W1XMMGXhIFFbf7eK71tfFkcLOndf-woZ_TIZ6ckDY10fxXsQlbFhiNzr4scKfcEPCNP8CgjnY5kxXe98GtP9vtn8U1iWMtk3IcyA7q44wK0onmoMkU0RkL_gyQ0CxYfN10eKn6C9-SZDmfepNvgcTuJMTMW3CctPD2M5L_d6CJPUMdo_fJpgSPAFqfOxMg2VJgU3A8SE9c4JI-sqbzWb_AI256I-xcV566zPaFyPWEAaFUx1t356q6FCuj6VfNXUuSH9sN7tqX9hz0Xy-PqKvZcbljj-wQ%26sig%3DCg0ArKJSzMcMAQltjzemEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-sg%252Fcampaigns%252Ftrading-oil%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014431490_20642982854_524285826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.202.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Nov 2023 02:36:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
827496bca90e3dbf-SIN
content-length
0
request-context
appId=cid-v1:2080cc18-71b2-4e5d-992c-a3d1331a0b3e
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-R6NQQ7RXT0&gtm=45je3b81v872195582&_p=1700188607683&gcd=11l1l1l1l1&dma=0&cid=1270297363.1700188609&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&sid=1700188609&sct=1&seg=0&dl=https%3A%2F%2Fwww.bolatimes.com%2F&dt=BolaTimes.com%20-%20Berita%20bola%2C%20Jadwal%2C%20Skor%20%26%20Liga%20Eropa&_s=2&tfd=9794
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R6NQQ7RXT0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bolatimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:36:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bolatimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
r.clarity.ms/ 		0
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.16/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bolatimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bolatimes.com
Date
Fri, 17 Nov 2023 02:36:57 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
URL
https://7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| documentPictureInPicture object| dataLayer function| gtag object| googletag object| interstitialSlot undefined| staticSlot string| REFRESH_KEY string| REFRESH_VALUE function| $ function| jQuery object| _izq function| clarity function| b function| a object| realtimely string| data_url_new object| container undefined| _izAlt object| _iz object| izConfig object| ggeac object| google_tag_data object| google_js_reporting_queue object| default_gsi object| _F_toggles object| google object| closure_lm_253213 object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| _izooto undefined| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id object| FB object| _33across object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 object| __uid2SecureSignalProvider object| __uid2 object| pbjs function| izootoEmailSubcriptionCallBack function| izootoEmailEventsCallback object| __buffer object| __afflib object| G_options object| affpbjs object| ID5EspConfig object| _aff_pob object| affinityhb object| affpbjsChunk object| __G_ID_CLIENT__ object| GoogleGcLKhOms object| google_image_requests

43 Cookies

Domain/Path Name / Value
.bolatimes.com/ Name: _ga
Value: GA1.1.1270297363.1700188609
.izooto.com/ Name: IZCID
Value: af1889a5-aaae-4bc9-80d6-a5b224e7c00a
www.clarity.ms/ Name: CLID
Value: 44c62482f99a40b59cf425d14ef11fce.20231117.20241116
.bolatimes.com/ Name: __gads
Value: ID=7d58e5ef9eb09afc:T=1700188609:RT=1700188609:S=ALNI_MZcz3lCo94G3gGcVGFDjkxXAAvFvQ
.bolatimes.com/ Name: __gpi
Value: UID=00000c8ac6bdd73f:T=1700188609:RT=1700188609:S=ALNI_MYQlxpNUwrlx3ikTZt3Ul2KqC29fg
.doubleclick.net/ Name: IDE
Value: AHWqTUkIdpqoWPGYTw3ERmtGEGMOjEjRQcBtm_vVcxpYeCsBzq3hdnZt8n_TB8OHadk
.bolatimes.com/ Name: lotame_domain_check
Value: bolatimes.com
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 79f8e8915b1b5f64db1da654fc0e3e91
.bolatimes.com/ Name: _cc_id
Value: 79f8e8915b1b5f64db1da654fc0e3e91
.bolatimes.com/ Name: panoramaId_expiry
Value: 1700793411234
.bolatimes.com/ Name: panoramaId
Value: 52d9c64bb4a2187a693c716d450616d5393893a24cf033bd7da7a083fa75b6ce
.bolatimes.com/ Name: panoramaIdType
Value: panoIndiv
.openx.net/ Name: i
Value: 1716e61d-0d86-422a-a23b-53baa2760335|1700188611
.bolatimes.com/ Name: _ga_R6NQQ7RXT0
Value: GS1.1.1700188609.1.0.1700188611.58.0.0
.criteo.com/ Name: uid
Value: 66636961-359e-48e1-a5d2-da98b23fadf9
.doubleclick.net/ Name: APC
Value: AfxxVi4WTUvnvlgLvR_Vj9QF-OpFkkpk3v6E299QEoKVsNKplp85qA
.casalemedia.com/ Name: CMPS
Value: 4741
.bolatimes.com/ Name: _clck
Value: n1b61e|2|fgs|0|1416
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HaMM.v]F!@wnfH8K6pQK`!5=E<*L5?%M/kMA6g2G/XBfOfQLgY>Fb5*:+-A8d3_lX2xT*bpRz*qF1`*b_@s**G9H
.adnxs.com/ Name: uuid2
Value: 9109628574395941453
.casalemedia.com/ Name: CMID
Value: ZVbRw5p9Zzka7HsBH6rjVgAA
.casalemedia.com/ Name: CMPRO
Value: 4741
.bolatimes.com/ Name: cto_bundle
Value: QW0Xq19MWU1qdVVnRWpLRHRLZDZ3MVpkaSUyQjlLZlZJSjMycFpZclYlMkJZTXcxS3hHd0J5SEFmWHNUSTVtU0hnTlByRUFqNUNCbEZDVUN1S0ZpTGhDZ3FzMGVXd1puTVVIcmFyQWppdWpicHlpQ0tCRmM1dWlxTjhRUHduNGJEbDk2VHppM1lHMDAzOFU4U282S1d4RjNzbUh3UmZBJTNEJTNE
.openx.net/ Name: pd
Value: v2|1700188612|jElYiuvOhI
.adsrvr.org/ Name: TDID
Value: 9c6d2cff-2cb8-4a99-ab65-fb92ad7d63c8
www.bolatimes.com/ Name: pbjs_debug
Value: 0
.ladsp.com/ Name: cr
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwimoa-emcizPBAFOAE.
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzAwMTg4NjEyfQ
.openx.net/ Name: univ_id
Value: 537072971|9c6d2cff-2cb8-4a99-ab65-fb92ad7d63c8|1700188612923674
.ladsp.com/ Name: smn_uid
Value: tgKXfmDYRllTTqdxkp-MXw-yJj1AhJs
.ladsp.com/ Name: lum
Value: CJnSjdm9MRIFCAMQ0AU
www.bolatimes.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bolatimes.com/ Name: _clsk
Value: 11300lu|1700188613285|1|1|r.clarity.ms/collect
.outbrain.com/ Name: obuid
Value: 724b9d8d-15e3-4c7b-bc4c-4fee819ff7df
.bing.com/ Name: MUID
Value: 0F9DA9A4801762490A7ABA6881226374
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0F9DA9A4801762490A7ABA6881226374
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0F9DA9A4801762490A7ABA6881226374
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
accounts.google.com
ad.doubleclick.net
analytics.google.com
api.realtimely.io
assets.bolatimes.com
b1t-sindc1.zemanta.com
bcp.crwdcntrl.net
c.bannerflow.net
c.bing.com
c.clarity.ms
cdn-ima.33across.com
cdn.id5-sync.com
cdn.izooto.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn4-hbs.affinitymatrix.com
cm.g.doubleclick.net
connect.facebook.net
cr-p3.ladsp.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
go.rcvlinks.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbs.ph.affinity.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
jp-u.openx.net
match.adsrvr.org
media.bolatimes.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
r.clarity.ms
s0.2mdn.net
securepubads.g.doubleclick.net
stas.outbrain.com
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
ua.realtimely.io
us-u.openx.net
widgets.outbrain.com
www.bolatimes.com
www.clarity.ms
www.google.com
www.google.com.sg
www.googletagmanager.com
www.googletagservices.com
7e9d2d329f8633410f55965d7b4a21ff.safeframe.googlesyndication.com
103.43.90.54
104.17.202.110
104.18.216.65
104.22.53.86
104.26.10.188
104.26.9.44
124.146.153.169
13.107.21.200
13.107.246.70
13.224.250.104
13.33.88.98
13.33.89.72
136.243.84.75
142.251.10.156
142.251.10.84
142.251.10.97
142.251.12.155
142.251.175.106
142.251.175.157
142.251.175.94
151.101.1.229
157.240.235.1
162.19.138.83
172.217.194.149
172.253.118.157
172.64.151.101
172.64.152.89
172.67.69.226
182.161.73.129
182.161.73.136
20.119.174.243
20.125.62.241
23.108.101.160
23.44.1.119
3.33.220.150
34.102.146.192
34.120.135.53
34.96.68.18
34.96.70.87
35.244.159.8
54.251.97.106
64.185.181.238
64.233.170.149
64.233.170.154
66.225.223.31
74.125.130.155
74.125.130.95
74.125.68.101
74.125.68.132
74.125.68.156
74.125.68.94
01ceac19d4db649328dab8cb759c7bcba6e3ca9f3605723bc0fdd80c1c4d2c2e
022f6f7dd1ac8af8f705771edd61e4be32f38eb80c0637410394fb2ee6465fa1
042c34d69ae919d1e01e22b6497213dd0d5c177c2e6794a755756a189b3a613f
049d976322215b1e62d79b945454ce6529e2f0b5fbd571e4ffab7c948b01275a
05beed63a365eb8749fe8ed6f508ca967d2ee3a4c972d81d3276e0b16a3840c4
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0beec731432cea38fcac5f80f1bc773aeb80661ad593aa56cbe4cedb961f0d91
0e4944585b03c55d5c6170e78cbeed0f6591d57df8248a08c6fc20d3014c0138
0ee8de8a6da7794670a5a5e03c710982769015213257de8e2a4f6842f297ca9a
0fa1db28c7b16a31b3ae04abee124e003cad337c553c935b8967fd33acf32607
106fca9c60be2faff1a0f13739de1589d86ec891edfac2d4f84af19a3c1c2f45
11329695813bcaf032fc8d59627e0d2f8a41fae671be984107a9a1c59910c78e
13014e5fd092f117122d19b5f12c3cba054a840a01a7ab6173bbc68e17fffc43
1378eff63769b68f255cab9f77f5f82e70b7674ae10acbc8be69f8b0582c608d
13f06a9dbf669edbb825ab6b8f114959e92d3c9beebb4136a33354a7cb66102a
1569edf4d640812bab5eb3a22e439cfd35f8b26c83c919f7a339dc471c2ee8b3
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1c3f53a13c8c4c7316c306ca86eacdb672a0873b7b1cf03a616c3a96a09f5e46
1c48733c4adc791e44dd7992f55e7c1173a58caf8124037151c40c9ea39d708a
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1c572e8c875cba2c548ea5bc3478fa83d8ba021a2325b89e11e01ea425ef0811
1db364bd307c0f2eb2796af082aae339f1acb86846639246a93b95d988ec0cbf
21fae736a19509fcd0afa37d4d95a3cea5d43e7f3f3ded30aacf6a7fb61c3c61
24fde836e50593b3f4e0edc1159d640f85fabd022520b7bba8c5a688b98e0232
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2a149142e7aba6801f84579262b984d0c6a2b6704c0e7b4cff4eba3e976c40e1
2badd7715dce54238a7b8cb1d0a25e7e605e6fe5756c22705b2fd24bcc40bdb3
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30e887ffc827d8e14066e1d3f5fdd9d6d1bdec8aa0b5b39ff22c4e1aa4a86cfb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
31d750b1a8bfae26043465fcd0951a982de23503b2265891a3a6929fe0f52768
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
354142e53641e1e72a89609e46eff578e69d762290d65d84acaaf380751c20fa
38d3466b28fe4248a142419874d4008ca890b223f265c466e2c94900fcbd2ce6
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3ab16bc4cc5661dd1dadfd18645375a49b40e64e48a80cc38601f44028d58576
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d6660090e0079f8b307059d57f028c668247465674e4da173e2ecf9fe009b05
3e768b1e88a6a44601666afb01eb3874c040cb8697e58e86c289f25656ac0c56
3eebe49ddc75f35be00173e45643a11cc28dce972dd1b53c44b2fe38603cb01a
3f1d419798e0d1aadbf1454c16ee514d915714d3588e90f9da686d8574d4f287
414405a41dc818b5d2d5fbf03f51c04177651c751cf3d0fca72804b7b3fed16c
414fd180e1a3dc5850da54a3f7afe18bb0324618511c00ae9a48178d8ae14657
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4452a656d8e30f51db5e00d47fc827013467f6c77d0eb2de0b086e752ebf9262
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47500586c5c5acfe5c6d2ff6d08dbc9a443b7a10a67024ed18d6dc9fdefd821d
4792c402d2165a6cde3640d3b9090993bfc447b8639881fae73c753ec64888b9
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
497606174d33144abb9db14fde55cca26e006f8141db8cfe2dac34c78585efd1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eae2e1948bf1f8b9696938ca71777daad8893782db8c0c074c0fcff14cf48d1
4ec5cd81705e6dc7f93b1cf2a50aceecd31eec90148211f623e3d11e3480bac6
50c9d537facc7cfd32bac0a6b6e9639cce12dfe471197a78bd5f3b85b9ddf2fa
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
551c5f1015e32f444027f1b0e0fbf8cd348593a5a00fe74ec59dab9dc5ce3d55
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56714a79fb1573b83ae8252ff9dfa33614869a90123d09486b2bda5791dd5711
56acac9ea50579723b31eae059b783f8220899929ec3e397e242926bfcde1c2d
57a5d0a212d3bdf7f14e2a715ec3b4a5d590257e667549275f0cfbb035df8cf8
59f628436f747d32973941f468ab47b5307cdbba88ea740455f7fd912f5cf9a8
5a23c82fc80e27ccc5df075f120dbd9ac839fb93588f8f8d6edb833646f1e4f6
5b4f3a373b43be45d287885bf775e4f4277509f7543f414b19ff208f28eb7ba4
5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950
5fa07db6577bc73607647d694f530483d5d563877d1fcc1460647799eb28358b
60bdd0c41950428372a1d5404e8768303b97ad34ceb588d63d4cd731cb8eb753
60e07109ca0338dcae39f8d49c17b3b234dc81fb534ae3d6ab44060a52c2d4fc
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
615eb4546009b44f342dea2bcd5eaddbf5c65268902a415e963eacc495494fb7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b1ccec6d465e0bdf78e40b558dca30a96c7aa698b36b99ab786e2d5e0331b0
652d463e59f6d950519948c80bbf4a4b4cd0510a3eaa8cae88c7a89ab55c95b1
66056beb2d56a9a3ed2f5625ee14615945ed8cf536254a8480de89fc5825b9c5
66c7e9a6605b6c1ced90483eb699b60aeebda7a33a23c7632934f0488c5c68b4
67a2de0540b0ee3d53c1869982e1565527cbcf6725858ac2051abff71870c0df
685f33d71548130c8fed8a9c0d02f21e5a3337d163f3a2f11f0be64641169dda
6939394fb7890464c374a886ef09e2287d5bc9c43a6a64910b2f40b8b982eb6f
6f63f749d2267dadb8b10c1ba7c6f8e36fac467e528647db47776a08b6d05a2f
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73df99b2543bfc3f8bde5e1d470611d0ff8fcdc4ab1abfbe946de1a813b72bad
73e86d5daba4248268210690a10bb5024dfc0e186c742c192c7ca58b8f682487
74bf6d30d1f9726bb82d6341ab71a04bca643be28deafd82a6405710b49b8755
75c893184b2a702bbf1caf35d14b9c43d08335d9365927ff9489437d84709ab7
7670b615e7c5b91305835bdb8b13336e3d9be8dede2d4e731b12be5a6590e545
782d79cd583e2ace22643b00d177e9c1a2e0d87a497fdc758ac6715d529d34b7
787b56142db4c0a5e6fb21531944e1dca215e14d02867fe40a326b26d08995a4
78effafe5fa6937673744b3f1c6d050ab815b361589f4555ff555d819d5c1046
7a38e124fad2734fa8b0717888c6881557043b3ddbf00d44e7226b636a43d3fd
7a5f9d5ec4ac7b8d14f6189e98dc51d6c6831396a32f6a7c90269a6e52314915
7d83abe1359e281d2ac57ecae09773d3bedde69af290aa0da28f39ca82934bc6
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f0366375eb32d24989936bd0c17c6ae1a89d43eda432ac9a7f99459fc7d9266
7fd234bce7d54c4abd3da8eac793fca19a96ad314383832a848ec407a14507e7
80c1a71b0825d5c2a91d238da77ede821f8df46b20974aa774f5bc03aefe6a45
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
87640fac50c7946537f86ff5c35077f41c56695bb321aba556913dbe4eb1c03c
88b42ffe380ad208f1d0b4f1b30f59477dbeab044feca8522be8671da2223dcc
8c892201d0583b03bdd5fd8b7db09d092b9a930b77c57e7d0c0bfab8a8d6bc91
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
902f47bc9eeb026da8cbcef8c7ec51aaa1f73bf7ca587c8694cceb36ff91a92e
90bc689a417cac3fa039c53b51572942e1263a8a2c5d722722cd039b7c420330
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95073c2532dce629e8ce366186746616e57a98dcccd00f9184b62ca501bd5516
95188bc9aceb2c3e68cb324c980ac550dee7ed5bf80eda5571ff98252b0f4cec
955f06de08c6d6562a4bddc57f57129005d84264e91b663b68cca5163b83f17c
96bf708e701b0d6fe5f493a1983254796bb4e7539fe51eb93e8bc1e74e01c04b
98184db30baf34d5949deb54c2a3c0851c909dfcb4bdecb1a57c4e24cd930295
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ab958f1c80eecf60523291d3b6e0bfccf7e26199fecb415e53221f2400aeb1d
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9dcf43b6a90f025d824162b5bda4bce1fafc25626579e9b9f9c08e2af957e75d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1e514ace313ba09ad624c686083be7ef29ef76c2d6c71ed73c00c132a546349
a48a5159607c80af03b7dff8b73fb9d0f22b3497c66f4d1495ce935f4f6f9895
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a77e112010ee980f3df9c5e16b729081cb091d6c34bb77c1c86b7d17c3442397
a7d95017fa2379a4bf437aff9c95977004ffa0f3f4ab9544a685afa3120a0e6b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa5fdaca2a89a0342618ad7f221577ecc4c261e047e056340c0b75c1cce6a483
aa6a52660f62fef4faa93b277cd17520b222d8c4e62a13405b1c85c36e068664
aaffe543bb5a01ce9cab9f9e2d8fc9df9efb721248fd1c49e621d0a91dede90b
ab2154514cd89776005ddbc81a1dfbe05a7031f51bdb6fc1220d02c059c76e3e
ab6a4b24914043e50e5be2a01c4829b2cc8ad6f6e6ebed76d77634a56b02453c
ac987c576c16eb10e5220b449c01f51b6e1aa3fda5d7fdc63eb32ad55d1c0a2a
acb2f8a39e99cead3e9c3bfe90ea5a9e5c6c26bbb22819a6ea962873b94fd161
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b0c4c665f7471b3299d1eda0d2da8ee602283aa327b4b9bc92956560eb800146
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2140136b06fab3d72cf567ffd152b0d282a95ac5d1524be8caedb5d2d8afba6
b4905bdcd38e0a58ccd59e35935542e4ca029786bac89ac7059a41ddaf096139
b69f62c23c32d363eca98482ad5b3399aafad09de4bfa76c661d287eec783159
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b74f014560cbd04507f527744fa71f097bea8d22026835fd5565607f06aab853
ba574806800f34c2f9937ea0d569c151ccd6074a6815897adb492b58194884f5
be75ae335143362caabb6af5ce1dda1c40c5abb5f1f96ec4b8bdf658a2cde1ad
be9da179cb65bbd5860a4624ebff3a483668ad7d68d6bd85c48ee3ed71a2181b
c1a2d6c0401adf60f9cdf13b244e6766b49adb762fada13dcf33e071a12a5638
c3b53536facfed547d2c1809944ea7c227b43e3e7ae6c833c461066a1d158545
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c56e30b774781a2960137fafcab7d54984a0e8a35012972254ec199623af59d1
c6f5e506db19cb972a8173e9a44a15402ee87b6fc3dac64e399a0215f58698f0
c9ad95745dd78b3af6b361982a961bc581169cb614a8f2fc9802061f82f91176
cbf2a9054cab9fe08902b75da962ec0be18a1dd00b92b247383060b612faf6de
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
d1815d23640fc8171f027670c9ecb1e6855c46150ed0882da26979f3cc78274a
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d9e4729145657d2eeb3c920013da34a3b6d382849057f7449ff91caa5732543e
dbd5dd5bc37546ce434f80d93c5e21800ffbc1c2e055c524afc79542a7b2707b
dc40939b257bc9a3e42e8925c0544b14e2460008ad25a195938afdaa34ee9900
dcaba92cdf59aea605e766e5e40f341b4cce9bc463c0fa0ce97d4985a6859b43
df8e9b7cc0c281f0b4db04a629f6c9f6e910ac2cf785880184403cf25d3c4abc
dfc012a02cfc5bc22cba65e9156b6c7a5210e3bfa7ecdc124efbbbd5ec5fa2cb
e03e11d5d3656e5123a258b05a3c755258d4f2892bca81d967122c3ee4bf7791
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
e3a43cbae9f436d19ba791a2cbff41dbf5c711f93adb10e31e1ffa2b508f552b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5489ce4eca7b3b322631ed6832e2650e3234d49896f2c8628c136137a91fa0d
e69f4169373eb4a6bab8d5fcdbfd63402d5cd44cc108bf9e3b8effd3d78ef934
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec5f9bf4dd5a9159928f94467c828317f653ca5330595db3fce41d06c3a56d65
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6185934848f81fed204191bdefef62ffcb16faf4bebddb51db33f975e824c6f
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f6d6f6347d1fc692a06339d5ceda1bd12482667b475f1e7b9d6ef50440afb9b2
fa4cca798ded68e410f3069603182923249372c3f8205ff49811dddba47caeb9
fa57b3b5dde5f6620c6110f91bd2bff612aad0f96b37df7240dfe48f2b76d973
fc0bced4f88a6c829f1bd6a5c968360719b5f264ef94d302b9dc46cf85f55e7d
fe27ef09a2cb7e29eb5d5e9cf0d49c9b439e7dd13520d5a5fa30ba5e20dd8c45
fe60b1e6e9c5344440f5f2621e31a20460731e77024eb5148af4b3c782d4b202
fe66cb7fbf8161bc2df338358bed1cbf07d6d3864a897dc25941c8ccaab248e8
ff3989936c9f3a276a41f68e5170f67076890d6f5c10db8f3f896ca03556e642