urlscan.io logo urlscan.io
SecurityTrails logo

newstimecleo.biz.id Open in urlscan Pro
172.67.199.102  Public Scan

Go To Rescan Add Verdict Report
URL: https://newstimecleo.biz.id/news/
Submission: On April 12 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 50 HTTP transactions. The main IP is 172.67.199.102, located in United States and belongs to CLOUDFLARENET, US. The main domain is newstimecleo.biz.id.
TLS certificate: Issued by GTS CA 1P5 on April 5th 2024. Valid for: 3 months.
This is the only time newstimecleo.biz.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 172.67.199.102 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
12 2606:4700:303... 13335 (CLOUDFLAR...)
2 172.240.108.84 7979 (SERVERS-COM)
9 192.0.77.2 2635 (AUTOMATTIC)
1 172.66.40.196 13335 (CLOUDFLAR...)
11 172.67.161.247 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 149.56.240.127 16276 (OVH)
50 12
4    172.67.199.102 (United States)

ASN13335 (CLOUDFLARENET, US)
newstimecleo.biz.id
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
12    2606:4700:3036::6815:f52 (United States)

ASN13335 (CLOUDFLARENET, US)
newsboyers.biz.id
2    172.240.108.84 (United States)

ASN7979 (SERVERS-COM, US)
noisesperusemotel.com
9    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i2.wp.com
i0.wp.com
i1.wp.com
1    172.66.40.196 (United States)

ASN13335 (CLOUDFLARENET, US)
pop.dojo.cc
11    172.67.161.247 (United States)

ASN13335 (CLOUDFLARENET, US)
newsboyers.biz.id
1    2606:4700:10::6814:4273 (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    149.56.240.127 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534295.ip-149-56-240.net
s4.histats.com
Apex Domain
Subdomains		 Transfer
23 newsboyers.biz.id
newsboyers.biz.id Failed
322 KB
9 wp.com
i2.wp.com — Cisco Umbrella Rank: 8417
i0.wp.com — Cisco Umbrella Rank: 3855
i1.wp.com — Cisco Umbrella Rank: 8209
96 KB
4 newstimecleo.biz.id
newstimecleo.biz.id
16 KB
2 gstatic.com
fonts.gstatic.com
16 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 14847
s4.histats.com — Cisco Umbrella Rank: 14903
5 KB
2 noisesperusemotel.com
noisesperusemotel.com
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 376
fonts.googleapis.com — Cisco Umbrella Rank: 35
7 KB
1 dojo.cc
pop.dojo.cc — Cisco Umbrella Rank: 468418
4 KB
50 8
Domain Requested by
23 newsboyers.biz.id newstimecleo.biz.id
newsboyers.biz.id
4 i1.wp.com newstimecleo.biz.id
4 newstimecleo.biz.id 2 redirects newsboyers.biz.id
3 i0.wp.com newstimecleo.biz.id
2 fonts.gstatic.com fonts.googleapis.com
2 i2.wp.com newstimecleo.biz.id
2 noisesperusemotel.com newstimecleo.biz.id
1 s4.histats.com s10.histats.com
1 fonts.googleapis.com ajax.googleapis.com
1 s10.histats.com newstimecleo.biz.id
1 pop.dojo.cc newstimecleo.biz.id
1 ajax.googleapis.com newstimecleo.biz.id
50 12

This site contains links to these domains. Also see Links.

Domain
tielabs.com
newsboyers.biz.id
Subject Issuer Validity Valid
newstimecleo.biz.id
GTS CA 1P5		 2024-04-05 -
2024-07-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
newsboyers.biz.id
GTS CA 1P5		 2024-04-02 -
2024-07-01		 3 months crt.sh
noisesperusemotel.com
R3		 2024-03-19 -
2024-06-17		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
dojo.cc
GTS CA 1P5		 2024-03-08 -
2024-06-06		 3 months crt.sh
s10.histats.com
E1		 2024-04-11 -
2024-07-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
histats.com
R3		 2024-02-16 -
2024-05-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://newstimecleo.biz.id/news/
Frame ID: 35328E22DB923F86A0D1300FEDE66E66
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

news – News Online

Page URL History Show full URLs

  1. https://newstimecleo.biz.id/news HTTP 301
    https://newstimecleo.biz.id/news/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

50
Requests

84 %
HTTPS

45 %
IPv6

8
Domains

12
Subdomains

12
IPs

3
Countries

465 kB
Transfer

977 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://newstimecleo.biz.id/news HTTP 301
    https://newstimecleo.biz.id/news/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://newstimecleo.biz.id/favicon.ico HTTP 302
  • https://newsboyers.biz.id/wp-includes/images/w-logo-blue-white-bg.png

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newstimecleo.biz.id/news/
Redirect Chain
  • https://newstimecleo.biz.id/news
  • https://newstimecleo.biz.id/news/
57 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newstimecleo.biz.id/news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baf5efe3286091d4b7dff17e85f62428a2b4373b14fb3b24f39d47f2504cb7d8

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87317e413d895d92-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 12 Apr 2024 07:27:19 GMT
link
<https://newstimecleo.biz.id/wp-json/>; rel="https://api.w.org/" <https://newstimecleo.biz.id/wp-json/wp/v2/categories/1>; rel="alternate"; type="application/json"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZjfiSOLQghH2qljURfApCIRABSDTxMub0TCS3iFPAlxcDLjLJajkq8xrd8ftwXzB4NdbOk8bcRMRE6AMnChzO5fWrX%2B9DykTMfufvonug%2Bc7atNZYbmoMvXJBcakog6nnFQ62fsa"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-cache
miss
x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
41f_HTTP.200,41f_category,41f_URL.0144d13ca63bef8f74c84789c6e77d31,41f_T.1,41f_

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87317e29e9025d92-FRA
content-type
text/html; charset=UTF-8
date
Fri, 12 Apr 2024 07:27:19 GMT
location
https://newstimecleo.biz.id/news/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H02d0GaQaQFiTJx%2BDwOFNqxCFC%2F63tS%2Fxc38JIVuLu2wv2P7AEpo2Fo9md6E%2FUqt40L92tkp7Al4EENKr9HKKXVTmE1gAd6RY2eCcaqNTvplAHDddpWhJlTwzBz65YfPS4dLoFfw"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-litespeed-cache
miss
x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
41f_HTTP.200,41f_HTTP.301,41f_category,41f_URL.0144d13ca63bef8f74c84789c6e77d31,41f_T.1,41f_
x-redirect-by
WordPress
tielabs-fonticon.woff
newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 		0
0
fa-solid-900.woff2
newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/fontawesome/ 		0
0
fa-brands-400.woff2
newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/fontawesome/ 		0
0
fa-regular-400.woff2
newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/fontawesome/ 		0
0
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 12:56:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
325856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Apr 2025 12:56:23 GMT
wpp.css
newsboyers.biz.id/wp-content/plugins/wordpress-popular-posts/assets/css/ 		2 KB
884 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.4.2
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:f52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 11 Mar 2024 14:45:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"688-65ef1906-6580bcd;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nF9p9zQcOy%2FgJtbwAgNndR9FlpGMBVoYtpdON4LC8LE3O%2BRblbOYvxxOu2RHf8xtJHUkPbS9q7fAHBVsQAs6bcaymBJftfrgCrot2NaUzPHgOmBcv%2Fxt48tWfJj9nltVoMuJRUv%2Ff5jS7QxC9Z%2F4IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
87317e456eb79a2d-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Apr 2024 19:27:19 GMT
base.min.css
newsboyers.biz.id/wp-content/themes/jannah/assets/css/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:f52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 19 Mar 2024 16:38:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"a3b0-65f9bf9b-65805e0;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eBIkYiCic4J9v8L6H9%2FlxORiOfZEbP63SsJQ9jQeCFc3iuoMk%2FukJQ77y4n4SPyOZ%2FX0nn%2FP%2FF6tFo2BHLSW0YEbJh3f%2FJlfFce18k4Y36DJhwm1%2FIDuFmYC%2BNyYfYctwq13P46n5pqeJ9YMuMeEmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
87317e456eb59a2d-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Apr 2024 19:27:19 GMT
style.min.css
newsboyers.biz.id/wp-content/themes/jannah/assets/css/ 		171 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:f52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 19 Mar 2024 16:38:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2aca3-65f9bf9b-6580695;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=siAZ%2BI8v6hLOa%2FQrPXV8T442nPCPWbSl14Q%2FsMMFwTZwXh%2BnsmnSb5qO1GqgTvI4B7BLk%2BnLgn4R9%2BZS1XGUX6oiK%2FzOtrB0x97d48R5C4RzwH6%2BbiQGacZo2miwyUPLU1XVj6kYirNlj5EFrw2t7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
87317e456eb69a2d-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Apr 2024 19:27:19 GMT
widgets.min.css
newsboyers.biz.id/wp-content/themes/jannah/assets/css/ 		53 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:f52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 19 Mar 2024 16:38:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"d37e-65f9bf9b-6580698;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BToW2D0LOCvZccTzLIPNgM2kEgwleHRWbstgP4bubsSNwh%2BsiEpqGpn4c%2F%2FgRwzaUS0lq07UnNt5sMHc3XQowKNdidZFFXEoGDHqyg8GhHQRKD2fHnuG3zfu3p2sZN%2B%2B%2FNsdkg8HMzKESPaLDk3vjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
87317e455eb49a2d-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Apr 2024 19:27:19 GMT
helpers.min.css
newsboyers.biz.id/wp-content/themes/jannah/assets/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:f52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 19 Mar 2024 16:38:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3b78-65f9bf9b-65805e2;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hBMEJoBYJVr0FIqQL0zwVkdhfm4eQ3b3X4UXdXVJBmb%2BiZGrYdUzNqxuLSPABW2Jbt53cdEdR3uQXPfJrF0VkwCdvgXMNLvS1gVLyKBa8f1VnnrvviIKWj6qXHyUpMkax3uscZ6R7BWH03Tv2UwUNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
87317e455eb39a2d-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Apr 2024 19:27:19 GMT
fontawesome.css
newsboyers.biz.id/wp-content/themes/jannah/assets/css/ 		57 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:f52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 19 Mar 2024 16:38:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"e526-65f9bf9b-6580696;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KPIjOlpwuSsYCCPPoMhxFn4LJwgjT8lvV0a0tJfSdiuG5sEByjZOars3k%2FuvedsxqwhGm822ktB352YWtJPUjHpCE3iJ%2FBZiCmFqB7YcH%2BF8U6dNtzv21spP0k4GVVIKFT%2BBDSFXVXRdQiuL1KtCuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
87317e455eb19a2d-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Apr 2024 19:27:19 GMT
skin.css
newsboyers.biz.id/wp-content/themes/jannah/assets/ilightbox/dark-skin/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=5.4.10
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:f52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4879dcab21b2218432075c33aff13cea89de4f392f749eaef3df339f3f694c72

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 19 Mar 2024 16:38:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2ef2-65f9bf9b-65805d1;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gtJOTzNjar%2FEERJ%2BMMT20WvkGeoLyreweB2%2F1fqNLM5E%2BbuaeI2tWtd9FpQxLgAS0FSmWuoz0KrHje9jlARjRlHHGLI2c9nRq3eOHVIjyTEXyXJnnvhwpg8b9Wl8x%2FDxOLVox0xE56G6hUHLAsDC4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
87317e455eb09a2d-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Apr 2024 19:27:19 GMT
style.css
newsboyers.biz.id/wp-content/themes/jannah-child/ 		602 B
696 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-content/themes/jannah-child/style.css?ver=6.5.2
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:f52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d020600f12c7f01e28904df701750c46c4f005f10ed07f0852a4bc33d7854165

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 19 Mar 2024 16:41:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"25a-65f9c025-6580472;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FpqeDJsKmZfguHe%2BqcULk6b8IGfg9LX0cpAQ3k9OgM4EU%2FUwD%2B3UVjBjIBZuxv1kovTjHpb%2FaS20LF%2Bya%2BHgxY8bUu1sj7zRmbqn1i%2B0ACu7vFY1p95PzToJTMosaV4bxffX1B3dw%2BdC4qrWi%2Fl8wA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
87317e455eb29a2d-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 12 Apr 2024 19:27:19 GMT
jquery.min.js
newsboyers.biz.id/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:f52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:19 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 02 Apr 2024 17:34:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"15601-660c419e-6567c88;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8VwA7uztlidE5dJqP%2FYhQeb29EEk9Bikp51ypa6vp4czvhjgNGsN2enVvfXNDYuw8%2FCV%2BakzRy56PzSNM7YpTE2jgZq%2BOXUhFgGMya0AR04oegbXsXi3LUe17E385Hj3biAbwjAvRG24xRF3BRd2Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
87317e456ebc9a2d-FRA
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
newsboyers.biz.id/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:f52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 Apr 2024 17:34:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3509-660c419e-6567cd9;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=abTMqn8v7M19%2F0QJQpffWLhVh6hCIBTJ1V5EU3bOTJOccJ0l6hgbawiRGR4D0Y2tYEpCpj0yRyRLQgY13hUOR4i8HnWLDY795ct8UQp3BgC5YJF1sTUS0JuSbL62QbHR4ChC677ueiml787B3D3r2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
87317e456ebd9a2d-FRA
alt-svc
h3=":443"; ma=86400
wpp.min.js
newsboyers.biz.id/wp-content/plugins/wordpress-popular-posts/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.4.2
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:f52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
654c93cbd3b3ca3d35f44b2665b4a6f57ed8f0aef01ac6c56bce39638dfab076

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 11 Mar 2024 14:45:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"11d3-65ef1906-6580ba9;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7HcW6oyeXhq08glbP9YUjFMlAISEdTWe3NAdVmfEbDcasqGhb20QxJiOn12RQ8nHMX9MlhRn3XuGlHZn%2BqktA9wjRYp1RUVhwszjXtESSPh9UX3EZlHI%2F4tDg8qrrwWc6KNDHvt2I917AV2tU8wW6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
87317e456eba9a2d-FRA
alt-svc
h3=":443"; ma=86400
invoke.js
noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 12 Apr 2024 07:27:20 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
og.jpg
i2.wp.com/www.hardwarezone.com.sg/thumbs/708746/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/www.hardwarezone.com.sg/thumbs/708746/og.jpg?0314&w=390&resize=390,220&ssl=1
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
34d2f127ab1dffdd2ea8aaff935e42113ac89dd7476830903706a0b181b83991
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:20 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
6086
x-nc
MISS ams 4
last-modified
Fri, 12 Apr 2024 07:27:20 GMT
server
nginx
etag
"3ae4387d5a88f6b3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.hardwarezone.com.sg/thumbs/708746/og.jpg>; rel="canonical"
expires
Sun, 12 Apr 2026 19:27:20 GMT
a2e29fa6c2433c3f.jpeg
i0.wp.com/images.sportsbrief.com/images/1200x675/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/images.sportsbrief.com/images/1200x675/a2e29fa6c2433c3f.jpeg?v=1&w=390&resize=390,220&ssl=1
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
65177f9775e3bb9c4376563259780eb2ab2ddb8316dc28241e0615e42b752a22
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:19 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
9652
x-nc
MISS ams 1
last-modified
Fri, 12 Apr 2024 07:27:19 GMT
server
nginx
etag
"e338da912ad9dc1e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.sportsbrief.com/images/1200x675/a2e29fa6c2433c3f.jpeg>; rel="canonical"
expires
Sun, 12 Apr 2026 19:27:19 GMT
1712906383136817.jpg
i1.wp.com/qnews.com.au/wp-content/uploads/socialmark-images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/qnews.com.au/wp-content/uploads/socialmark-images/1712906383136817.jpg?w=390&resize=390,220&ssl=1
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
1b3c7f6d67e5d31d903d0c5bc7dfa0f1f88ac7444a67aa1180b94d34514ee194
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:19 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
6252
x-nc
MISS ams 7
last-modified
Fri, 12 Apr 2024 07:27:19 GMT
server
nginx
etag
"068b2218818dc349"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://qnews.com.au/wp-content/uploads/socialmark-images/1712906383136817.jpg>; rel="canonical"
expires
Sun, 12 Apr 2026 19:27:19 GMT
8029.js
pop.dojo.cc/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pop.dojo.cc/8029.js
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2220e4644b84f73723399d4cca51189b57bfb80ae825dd7ccb8efd9d94e5773d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pWaJAgG1WEu8MIWCw91YWAY7vbBGFCVm6edZ2rsGhRpnypQJxNz8q4AbNRROvELvf0Gbs8H0P8ZmiajzKgOuuzqWasiLMyGC8srjntees63NA%2B8zQTMptOLcGkKuqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private
cf-ray
87317e45b9cf906c-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
scripts.min.js
newsboyers.biz.id/wp-content/themes/jannah/assets/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:f52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 19 Mar 2024 16:38:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"57c9-65f9bf9b-6580533;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jTLekvoOb4ayiR%2FJnYpyZEp445iXSs3CJN%2FSQtRMqwA2r40Es%2F1%2BoScaEaWcNFh0rtoyHdn5GVjlwdSMZ%2FIyzRNJMPA4Z3NlyJjitgwS7U99tbu0RdfgafofUqsIfZho4XShJzYtdsaVaYmAVIjAMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
87317e45aee69a2d-FRA
alt-svc
h3=":443"; ma=86400
lightbox.js
newsboyers.biz.id/wp-content/themes/jannah/assets/ilightbox/ 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.10
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.161.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a8dbe7c39cf4ffa9fe214267bc1aa73dca7304f689437bd4bb257066fa4b04

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:20 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 19 Mar 2024 16:38:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"13e0f-65f9bf9b-65805de;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q%2B%2BE2U7C7VU%2BCv92iuf3rbNqbrKMhPQoy%2BeuUrPhf0YIzhCfjVMrnbyQnWmCR4jGyOA8O4q%2B3J7Yw5maIBdzQXKZRrMPngz4W8qYMCWC2BDKw2YYpVczSNKxmPTXNq5pX%2BUc1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
87317e45cb239b7c-FRA
alt-svc
h3=":443"; ma=86400
desktop.min.js
newsboyers.biz.id/wp-content/themes/jannah/assets/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.161.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 19 Mar 2024 16:38:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4198-65f9bf9b-6580545;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MSJYvVoRECByyFL7o1Zc8klxwOiAB6icKsp6DqeUuUBCM0sI7boehKZhtpXJzY6Z0K7R327Z9fIDjBKbDvA68mnGzbaHgh2ItlLMIzmIH6VbLSiXyMQTUTOgH5%2FENPC0nocBKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
87317e45cb249b7c-FRA
alt-svc
h3=":443"; ma=86400
live-search.js
newsboyers.biz.id/wp-content/themes/jannah/assets/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.10
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.161.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f38f91caae9d8ce4142ac627dba2f52d3cc848d13665f63221b3a55c56457635

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:20 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 19 Mar 2024 16:38:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3909-65f9bf9b-658054a;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0NxqObanLmqtMeIJKOHetmUIsIcmAcotqxM4AGQzcKb4pn7TRIM22e711bd4EXnRz5%2FMehAIHJl952DDa7srBgeRNvPHACtXAF3YYVT%2B9JjJAWbROHpzJfdQDnNhBqAuxjBiNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
87317e45cb259b7c-FRA
alt-svc
h3=":443"; ma=86400
json-ld.js
newsboyers.biz.id/wp-content/plugins/featured-image-from-url/includes/html/js/ 		507 B
713 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-content/plugins/featured-image-from-url/includes/html/js/json-ld.js?ver=4.6.9
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.161.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b9e686457dcdbe229329076432ea1239d05c3d4411f89bcebf0951bbf00ff6d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:19 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 06 Apr 2024 17:50:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1fb-66118b71-65c07b3;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9YZ3BploJsEt1DbSysS32Z22dzXc5IgM62FsKkn1otUkHqhlHgFphdroevQslF%2BK%2BUG7fzB0yp5ET7PjyqMpiR97dLjssQWZLlxbHEg7zV9FK3Uwx1v4Uysz9OOQ6zAJtuF3TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
87317e45cb269b7c-FRA
alt-svc
h3=":443"; ma=86400
br-news.js
newsboyers.biz.id/wp-content/themes/jannah/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-content/themes/jannah/assets/js/br-news.js?ver=5.4.10
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.161.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aba848a7cdbe0240e1fdf0b540d3dff72daa9df5b4502e311b3f27a9c85e5759

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:19 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 19 Mar 2024 16:38:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"15da-65f9bf9b-6580531;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TTvIBh0bm3DTrqb3USFyl1s2NnwfCPxhFoWzm8A7eYZYJjjoVJurnZZ2FO%2FdLWo9x9QYtQbVoahUbvmN2iZQHirBhd72vXPmfKquVJ2gGEkIQiOI%2BjwM1F5mWotkDp7lgvGCEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
87317e45cb299b7c-FRA
alt-svc
h3=":443"; ma=86400
e67089b4-eba3-41f9-bef0-31f2eb1b8beb
https://newstimecleo.biz.id/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://newstimecleo.biz.id/e67089b4-eba3-41f9-bef0-31f2eb1b8beb
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
invoke.js
noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 12 Apr 2024 07:27:20 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4273 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:20 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
41712
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
87317e4a1ebd8c4f-FRA
content-length
4547
tielabs-fonticon.ttf
newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 		0
0
Untitled-design-2024-04-12T124812.077-1024x576.jpg
i2.wp.com/images.businessupturn.com/wp-content/uploads/2024/04/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/images.businessupturn.com/wp-content/uploads/2024/04/Untitled-design-2024-04-12T124812.077-1024x576.jpg?w=390&resize=390,220&ssl=1
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
ebff3a5ef18e9dc8077753b98ea2db9d0655b9d121855a56c610d6b272500f1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:20 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
15042
x-nc
MISS ams 4
last-modified
Fri, 12 Apr 2024 07:27:20 GMT
server
nginx
etag
"2ca21e4edefc12a5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.businessupturn.com/wp-content/uploads/2024/04/Untitled-design-2024-04-12T124812.077-1024x576.jpg>; rel="canonical"
expires
Sun, 12 Apr 2026 19:27:20 GMT
Cardfight-Vanguard-Season-2.jpg
i1.wp.com/www.comingsoon.net/wp-content/uploads/sites/3/2024/02/ 		65 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/www.comingsoon.net/wp-content/uploads/sites/3/2024/02/Cardfight-Vanguard-Season-2.jpg?resize=1200,630&w=390&resize=390,220&ssl=1
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
MISS ams 6
date
Fri, 12 Apr 2024 07:27:20 GMT
server
nginx
alt-svc
h3=":443"; ma=86400
content-type
text/html; charset=utf-8
2016-11-23T215226Z_1_LYNXMPECAM1HT_RTROPTP_2_USA-STOCKS.JPG
i1.wp.com/www.marketscreener.com/images/reuters/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/www.marketscreener.com/images/reuters/2016-11-23T215226Z_1_LYNXMPECAM1HT_RTROPTP_2_USA-STOCKS.JPG?w=390&resize=390,220&ssl=1
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
5d42023e51606fef2332e9dd99cbb2498645c6fb36e13b683b43b5aef298bca7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:20 GMT
x-content-type-options
nosniff
x-bytes-saved
2184
alt-svc
h3=":443"; ma=86400
content-length
28010
x-nc
MISS ams 7
last-modified
Fri, 12 Apr 2024 07:27:20 GMT
server
nginx
etag
"56981681a5127807"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.marketscreener.com/images/reuters/2016-11-23T215226Z_1_LYNXMPECAM1HT_RTROPTP_2_USA-STOCKS.JPG>; rel="canonical"
expires
Sun, 12 Apr 2026 19:27:20 GMT
GettyImages-2147059822.jpg
i0.wp.com/assets.kyivindependent.com/content/images/2024/04/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/assets.kyivindependent.com/content/images/2024/04/GettyImages-2147059822.jpg?w=390&resize=390,220&ssl=1
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
89ccdd5e1fcc02ff4be488d2895c3e0bd2156acb708ec1928aa72711103c7d9d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:20 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
12538
x-nc
MISS ams 4
last-modified
Fri, 12 Apr 2024 07:27:20 GMT
server
nginx
etag
"a65fac6909b3b371"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://assets.kyivindependent.com/content/images/2024/04/GettyImages-2147059822.jpg>; rel="canonical"
expires
Sun, 12 Apr 2026 19:27:20 GMT
1712906300666.webp
i1.wp.com/tsnapi.truescoopnews.com/news/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/tsnapi.truescoopnews.com/news/1712906300666.webp?w=390&resize=390,220&ssl=1
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
0ff3a7127110f2159f9f78412b08fb58f4e443081904d002eb63a52fbe873486
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:20 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
8424
x-nc
MISS ams 6
last-modified
Fri, 12 Apr 2024 07:27:20 GMT
server
nginx
etag
"dab273b1f26db633"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://tsnapi.truescoopnews.com/news/1712906300666.webp>; rel="canonical"
expires
Sun, 12 Apr 2026 19:27:20 GMT
109239569.jpg
i0.wp.com/static.toiimg.com/thumb/msid-109239569,width-1280,height-720,resizemode-4/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/static.toiimg.com/thumb/msid-109239569,width-1280,height-720,resizemode-4/109239569.jpg?w=390&resize=390,220&ssl=1
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
b16ba812ba07ba2a2ec4f007fbae4306836d0fa9c8276baf23a2ed1eb46fed1a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:20 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
9014
x-nc
MISS ams 3
last-modified
Fri, 12 Apr 2024 07:27:20 GMT
server
nginx
etag
"c034d5fca3c05686"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://static.toiimg.com/thumb/msid-109239569,width-1280,height-720,resizemode-4/109239569.jpg>; rel="canonical"
expires
Sun, 12 Apr 2026 19:27:20 GMT
css
fonts.googleapis.com/ 		2 KB
835 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:600,regular&subset=latin&display=swap
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3dcb09e9990df1da1e26f5982c8830e9435ac25fe2d4e23a42ca9aedf62b71fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Apr 2024 07:27:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Apr 2024 05:59:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Apr 2024 07:27:20 GMT
wp-emoji-release.min.js
newsboyers.biz.id/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
Requested by
Host: newstimecleo.biz.id
URL: https://newstimecleo.biz.id/news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.161.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:20 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 03 Apr 2024 08:32:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4926-660d1418-6567af8;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dmrj5N2LVDwFcf5I5fsNO0jQBsDlRWr1m2kD6N98jrCbnsesc73DeHPaJANwDOq5yS9zYD2Qxp25n97A40Z5ARpkRBg1FMzVfjwsInwc3VlMld299DpCVDu6wjUsvqNdXsQajw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
87317e4a0e969b7c-FRA
alt-svc
h3=":443"; ma=86400
widget
newstimecleo.biz.id/wp-json/wordpress-popular-posts/v2/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://newstimecleo.biz.id/wp-json/wordpress-popular-posts/v2/widget?is_single=0
Requested by
Host: newsboyers.biz.id
URL: https://newsboyers.biz.id/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.4.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3832261be34d79747a036d9adaab7ec2d60ce1bd6e5d0ce28245d0aea2d72e70
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://newstimecleo.biz.id/news/
X-Requested-With
XMLHttpRequest
X-WP-Nonce
f6be047645
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-litespeed-cache-control
no-cache
x-litespeed-tag
41f_HTTP.200
alt-svc
h3=":443"; ma=86400
server
cloudflare
allow
POST
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://newstimecleo.biz.id
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ngd2zvnRI1Jd2%2BoB3tC66KkzSs3LHdXXouztMRQX9EHQGltX7PLhOKHb1hFLmarC573w21RHqvrM0evKwMiYYTby1TDxyVYXBSy6sVq%2FKQSIsAw6%2Bem2iQwo%2FooMGfF9cioRhT2D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
vary
Origin,Accept-Encoding
access-control-allow-credentials
true
x-robots-tag
noindex
link
<https://newstimecleo.biz.id/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
87317e4a0d495d92-FRA
x-wp-nonce
f6be047645
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,regular&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://newstimecleo.biz.id
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 18:34:04 GMT
x-content-type-options
nosniff
age
478396
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 18:34:04 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,regular&subset=latin&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://newstimecleo.biz.id
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 13:26:32 GMT
x-content-type-options
nosniff
age
496848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 13:26:32 GMT
0.php
s4.histats.com/stats/ 		50 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4562058&@f16&@g1&@h1&@i1&@j1712906840678&@k0&@l1&@mnews%20%E2%80%93%20News%20Online&@n0&@o1000&@q0&@r0&@s0&@tde-DE&@u1600&@b1:92895707&@b3:1712906841&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fnewstimecleo.biz.id%2Fnews%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534295.ip-149-56-240.net
Software
/
Resource Hash
9b9fabe7a4e5b4ccdccb88436d0ad911d8a225d3ce1afad407d1e1907568c4cf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 12 Apr 2024 07:27:20 GMT
Connection
close
Content-Length
50
Content-Type
text/html;charset=UTF-8
w-logo-blue-white-bg.png
newsboyers.biz.id/wp-includes/images/
Redirect Chain
  • https://newstimecleo.biz.id/favicon.ico
  • https://newsboyers.biz.id/wp-includes/images/w-logo-blue-white-bg.png
4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://newsboyers.biz.id/wp-includes/images/w-logo-blue-white-bg.png
Protocol
H3
Server
172.67.161.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://newstimecleo.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Apr 2024 07:27:21 GMT
cf-cache-status
MISS
last-modified
Tue, 02 Apr 2024 17:34:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1017-660c419e-6567a80;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2FjnbJP9k1%2FHNF2sojz3aKjfbdYgcyqhXXkGzRHp4RV%2BXVWpz4nlNrPAEIn9Xv2SumFCqORDyM8UjM2AUmlNUvOJ1ihDMY%2BoccuJCyH%2FhK8O4toxujWWZdEoOS0wn33wVC7%2FHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
87317e4edaa09b7c-FRA
alt-svc
h3=":443"; ma=86400
content-length
4119
expires
Fri, 12 Apr 2024 19:27:21 GMT

Redirect headers

date
Fri, 12 Apr 2024 07:27:21 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-redirect-by
WordPress
x-litespeed-cache
miss
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DMHNlQG1CD6G3JcRtMIBVzREVDxISwACrpoy3fjbc5SpXmqaQDngnuVZMxwCQHKDvIJ2jlH6lTdpA6hbN9nrDzsRkzgOGw4%2BWXBqVXkyrTDyR%2BkclMX5s0AUpaozVnyv%2FQJiZ2g9"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://newsboyers.biz.id/wp-includes/images/w-logo-blue-white-bg.png
x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
41f_HTTP.200,41f_HTTP.302,41f_default,41f_URL.b54ff2eddcb0060bcd786ce388d8d4d7,41f_
cf-ray
87317e4c1f2e5d92-FRA
link
<https://newstimecleo.biz.id/wp-json/>; rel="https://api.w.org/"
alt-svc
h3=":443"; ma=86400
94129-featured-300x300.jpg
newsboyers.biz.id/wp-content/uploads/wordpress-popular-posts/ 		0
0
63219-featured-300x300.jpg
newsboyers.biz.id/wp-content/uploads/wordpress-popular-posts/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsboyers.biz.id/wp-content/uploads/wordpress-popular-posts/63219-featured-300x300.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.161.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
731a8ced684452f95ab44a0faa4320148f8aa321623a9143286fbeb7547bf67b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:21 GMT
cf-cache-status
MISS
last-modified
Sun, 07 Apr 2024 04:38:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5ae8-6612233d-659c3c7;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YceObBswwb3TMNUVrZ8jqC9Ll8ynN5KthCL73iCsEI8HHHiNVqL8FP3OF0aS6IcbAi78N5P1jmojrWHiXwMkhNkrb2Bom2d4B4mT3Qq0jElZE7UTxXvzotDBCns%2Bn6ElSxVXoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
87317e517d0c9b7c-FRA
alt-svc
h3=":443"; ma=86400
content-length
23272
expires
Fri, 12 Apr 2024 19:27:21 GMT
103746-featured-300x300.png
newsboyers.biz.id/wp-content/uploads/wordpress-popular-posts/ 		108 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsboyers.biz.id/wp-content/uploads/wordpress-popular-posts/103746-featured-300x300.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.161.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80a04368a6a6fa2b9fa94d737a37e77a477cbe3421dc87753cd46cc1078d407e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:21 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Apr 2024 04:03:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1b081-6614be21-66ad25d;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ratat%2BQIuWE%2F9YV6aOW57ZPUFr%2Bo4Yr5c2V2eD75Iy154Q2OnfNuhb9kX48JS79e7XAsGeC8ldDsznvz3Cg10jVb0oCs0eHe9VNsUlc1AaxjYKZ0u%2BuzENvEcfJFgOAnTYFw9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
87317e517d0d9b7c-FRA
alt-svc
h3=":443"; ma=86400
content-length
110721
expires
Fri, 12 Apr 2024 19:27:21 GMT
no_thumb.jpg
newsboyers.biz.id/wp-content/plugins/wordpress-popular-posts/assets/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsboyers.biz.id/wp-content/plugins/wordpress-popular-posts/assets/images/no_thumb.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.161.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec2b74ad32b648473333db6a8ea99c4c5ca8012a9ad9d30696fca840791f5bab

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:21 GMT
cf-cache-status
MISS
last-modified
Mon, 11 Mar 2024 14:45:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"974-65ef1906-6580b9e;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dq0ZOZeGh%2Bw1w86QzvAQGnUmxsJrEegO3i4GgUCaDwshPXpJbzCItZOELU%2FDc9LrAYH6x1D%2FpTbpW7gumN8toAkKR0H3SRCzjyyu1AfgB5dR%2FnxZQXkdWQ0TkJBgViQJnXt4Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
87317e517d0e9b7c-FRA
alt-svc
h3=":443"; ma=86400
content-length
2420
expires
Fri, 12 Apr 2024 19:27:21 GMT
73250-featured-300x300.jpg
newsboyers.biz.id/wp-content/uploads/wordpress-popular-posts/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsboyers.biz.id/wp-content/uploads/wordpress-popular-posts/73250-featured-300x300.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.161.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
755c5a112b1f6285c50870bb160b7aac5a6465b38980b94b9c68bbf0305c7bf7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://newstimecleo.biz.id/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 07:27:21 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Apr 2024 21:55:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"56f1-66185c34-6588536;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O1U260fahWD4LGseIWnQ4MdAlQsr2GCj0Ahliodgq02EWzqy9xaalAxHSVqA5zNG3YIXI04StH%2BmL8Xv6Mva0%2B18qTZ%2FOY7qtgsQxzb7s6WTnsNSbxt2pwX%2F6z193ms6Wu8fzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=43200
accept-ranges
bytes
cf-ray
87317e517d119b7c-FRA
alt-svc
h3=":443"; ma=86400
content-length
22257
expires
Fri, 12 Apr 2024 19:27:21 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
newsboyers.biz.id
URL
https://newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
Domain
newsboyers.biz.id
URL
https://newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
Domain
newsboyers.biz.id
URL
https://newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
Domain
newsboyers.biz.id
URL
https://newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
Domain
newsboyers.biz.id
URL
https://newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.ttf
Domain
newsboyers.biz.id
URL
https://newsboyers.biz.id/wp-content/uploads/wordpress-popular-posts/94129-featured-300x300.jpg

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings undefined| $ function| jQuery object| wpp_params object| WordPressPopularPosts object| atOptions function| closeAd object| _Hasync function| referer_se function| referer_sm function| referer_empty function| referer_not_empty function| str_contains function| setInnerHTML function| inject function| create_pu function| dpu object| pu object| tie function| tieFlexMenu function| tieLazyLoad function| tieTabs function| tie_animate_element function| tie_animate_reviews object| $doc object| $window object| $html object| $body object| $themeHeader object| $mainNav object| $container boolean| is_RTL number| intialWidth boolean| isDuringAjax boolean| scrollBarWidth boolean| mobileMenu object| emergence object| browserPrefixes boolean| megaMenuAjax object| Modernizr function| TieSticky object| fifuJsonLd object| WebFontConfig function| loadCSS string| c object| WebFont object| pux object| php_js number| distance number| time object| animationAction function| chfh function| chfh2 string| _HST_cntval object| Histats object| twemoji object| wp object| _HistatsCounterGraphics_0_setValues

7 Cookies

Domain/Path Name / Value
newstimecleo.biz.id/ Name: HstCfa4562058
Value: 1712906840678
newstimecleo.biz.id/ Name: HstCla4562058
Value: 1712906840678
newstimecleo.biz.id/ Name: HstCmu4562058
Value: 1712906840678
newstimecleo.biz.id/ Name: HstPn4562058
Value: 1
newstimecleo.biz.id/ Name: HstPt4562058
Value: 1
newstimecleo.biz.id/ Name: HstCnv4562058
Value: 1
newstimecleo.biz.id/ Name: HstCns4562058
Value: 1

16 Console Messages

Source Level URL
Text
javascript error URL: https://newstimecleo.biz.id/news/
Message:
Access to font at 'https://newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff' from origin 'https://newstimecleo.biz.id' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://newstimecleo.biz.id/news/
Message:
Access to font at 'https://newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2' from origin 'https://newstimecleo.biz.id' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://newstimecleo.biz.id/news/
Message:
Access to font at 'https://newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2' from origin 'https://newstimecleo.biz.id' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://newstimecleo.biz.id/news/
Message:
Access to font at 'https://newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2' from origin 'https://newstimecleo.biz.id' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript warning URL: https://newstimecleo.biz.id/news/(Line 147)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://newstimecleo.biz.id/news/(Line 147)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
recommendation verbose URL: https://newstimecleo.biz.id/news/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://i1.wp.com/www.comingsoon.net/wp-content/uploads/sites/3/2024/02/Cardfight-Vanguard-Season-2.jpg?resize=1200,630&w=390&resize=390,220&ssl=1
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://newstimecleo.biz.id/news/
Message:
Access to font at 'https://newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.ttf' from origin 'https://newstimecleo.biz.id' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://newsboyers.biz.id/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.ttf
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
i0.wp.com
i1.wp.com
i2.wp.com
newsboyers.biz.id
newstimecleo.biz.id
noisesperusemotel.com
pop.dojo.cc
s10.histats.com
s4.histats.com
newsboyers.biz.id
149.56.240.127
172.240.108.84
172.66.40.196
172.67.161.247
172.67.199.102
192.0.77.2
2606:4700:10::6814:4273
2606:4700:3036::6815:f52
2a00:1450:4001:800::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200a
0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328
0ff3a7127110f2159f9f78412b08fb58f4e443081904d002eb63a52fbe873486
1b3c7f6d67e5d31d903d0c5bc7dfa0f1f88ac7444a67aa1180b94d34514ee194
2220e4644b84f73723399d4cca51189b57bfb80ae825dd7ccb8efd9d94e5773d
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243
31a8dbe7c39cf4ffa9fe214267bc1aa73dca7304f689437bd4bb257066fa4b04
34d2f127ab1dffdd2ea8aaff935e42113ac89dd7476830903706a0b181b83991
3832261be34d79747a036d9adaab7ec2d60ce1bd6e5d0ce28245d0aea2d72e70
3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d
3dcb09e9990df1da1e26f5982c8830e9435ac25fe2d4e23a42ca9aedf62b71fc
4879dcab21b2218432075c33aff13cea89de4f392f749eaef3df339f3f694c72
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5d42023e51606fef2332e9dd99cbb2498645c6fb36e13b683b43b5aef298bca7
65177f9775e3bb9c4376563259780eb2ab2ddb8316dc28241e0615e42b752a22
654c93cbd3b3ca3d35f44b2665b4a6f57ed8f0aef01ac6c56bce39638dfab076
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
731a8ced684452f95ab44a0faa4320148f8aa321623a9143286fbeb7547bf67b
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88
755c5a112b1f6285c50870bb160b7aac5a6465b38980b94b9c68bbf0305c7bf7
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
80a04368a6a6fa2b9fa94d737a37e77a477cbe3421dc87753cd46cc1078d407e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
89ccdd5e1fcc02ff4be488d2895c3e0bd2156acb708ec1928aa72711103c7d9d
8b9e686457dcdbe229329076432ea1239d05c3d4411f89bcebf0951bbf00ff6d
9b9fabe7a4e5b4ccdccb88436d0ad911d8a225d3ce1afad407d1e1907568c4cf
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e
aba848a7cdbe0240e1fdf0b540d3dff72daa9df5b4502e311b3f27a9c85e5759
b16ba812ba07ba2a2ec4f007fbae4306836d0fa9c8276baf23a2ed1eb46fed1a
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429
baf5efe3286091d4b7dff17e85f62428a2b4373b14fb3b24f39d47f2504cb7d8
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d020600f12c7f01e28904df701750c46c4f005f10ed07f0852a4bc33d7854165
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc
ebff3a5ef18e9dc8077753b98ea2db9d0655b9d121855a56c610d6b272500f1d
ec2b74ad32b648473333db6a8ea99c4c5ca8012a9ad9d30696fca840791f5bab
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9
f38f91caae9d8ce4142ac627dba2f52d3cc848d13665f63221b3a55c56457635
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149