www.walletline.naumantour.com Open in urlscan Pro
103.97.141.225  Public Scan

32 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.walletline.naumantour.com/	42 KB 9 KB	640ms 218ms	Document text/html	103.97.141.225 IDNIC-PTAMI-AS-ID...
General Check archive.org Show headers Download Go to Full URL https://www.walletline.naumantour.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.97.141.225 , Indonesia, ASN136845 (IDNIC-PTAMI-AS-ID PT Apik Media Inovasi, ID), Reverse DNS parakang.in-hell.com Software LiteSpeed / PHP/5.6.38 Resource Hash a426983549201f1c761daebb73794baf4ac3d42f8d20401864b0f7234c8ec14b Request headers :method GET :authority www.walletline.naumantour.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-powered-by PHP/5.6.38 content-type text/html; charset=UTF-8 vary Accept-Encoding, Cookie cache-control max-age=3, must-revalidate content-encoding br date Sun, 22 Nov 2020 16:35:07 GMT server LiteSpeed alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	129 KB 45 KB	54ms 22ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.walletline.naumantour.com URL: https://www.walletline.naumantour.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 968ce7d681b37b90d094599a68fbaff53b3f8b492b28776089ac50c0c861019e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.walletline.naumantour.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 22 Nov 2020 16:35:07 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 45330 x-xss-protection 0 server cafe etag 5588824410463320120 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sun, 22 Nov 2020 16:35:07 GMT
GET H2	200	css fonts.googleapis.com/	6 KB 1 KB	43ms 14ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700 Requested by Host: www.walletline.naumantour.com URL: https://www.walletline.naumantour.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3cc3e302240913c8c2351345099477787aa52d3226f8478404451497c712f1be Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.walletline.naumantour.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff last-modified Sun, 22 Nov 2020 16:13:39 GMT server ESF link <https://fonts.gstatic.com>; rel=preconnect; crossorigin date Sun, 22 Nov 2020 16:35:07 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Sun, 22 Nov 2020 16:35:07 GMT
GET		front.css walletline.com/wp-content/plugins/simple-social-buttons/assets/css/	0 0
GET		style.css walletline.com/wp-content/plugins/whatsapp/	0 0
GET		style.css walletline.com/wp-content/themes/mysocial/	0 0
GET		genericons.css walletline.com/wp-content/themes/mysocial/genericons/	0 0
GET		responsive.css walletline.com/wp-content/themes/mysocial/	0 0
GET		jquery.js walletline.com/wp-includes/js/jquery/	0 0
GET		jquery-migrate.min.js walletline.com/wp-includes/js/jquery/	0 0
GET		front.js walletline.com/wp-content/plugins/simple-social-buttons/assets/js/	0 0
GET H2	200	js Show response www.googletagmanager.com/gtag/	96 KB 38 KB	35ms 32ms	Script application/javascript	2a00:1450:4001:817::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-67265321-2 Requested by Host: www.walletline.naumantour.com URL: https://www.walletline.naumantour.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 46488325f97d4ef0a05e2e5e1b94b1d3dc289aa964d95d0af2628ac58d7440da Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.walletline.naumantour.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 22 Nov 2020 16:35:11 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38703 x-xss-protection 0 last-modified Sun, 22 Nov 2020 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 22 Nov 2020 16:35:11 GMT
GET H/1.1	200 OK	pixel.png www.linkwithin.com/	0 0	197ms 161ms	Image text/html	34.98.99.30 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL http://www.linkwithin.com/pixel.png Requested by Host: www.walletline.naumantour.com URL: https://www.walletline.naumantour.com/ Protocol HTTP/1.1 Server 34.98.99.30 , United States, ASN15169 (GOOGLE, US), Reverse DNS 30.99.98.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET		superfish.js walletline.com/wp-content/themes/mysocial/assets/js/	0 0
GET		modernizr.min.js walletline.com/wp-content/themes/mysocial/assets/js/	0 0
GET		html5.js walletline.com/wp-content/themes/mysocial/assets/js/	0 0
GET		jquery.custom.js walletline.com/wp-content/themes/mysocial/assets/js/	0 0
GET		wp-embed.min.js walletline.com/wp-includes/js/	0 0
GET H3-Q050	200	show_ads_impl_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/	231 KB 87 KB	68ms 46ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.walletline.naumantour.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 22 Nov 2020 16:35:11 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 88601 x-xss-protection 0 server cafe etag 4353532171737760018 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sun, 22 Nov 2020 16:35:11 GMT
GET H2	200	mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 fonts.gstatic.com/s/opensans/v18/	9 KB 9 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:819::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.walletline.naumantour.com Referer https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 16:29:44 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:10:27 GMT server sffe age 518727 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9080 x-xss-protection 0 expires Tue, 16 Nov 2021 16:29:44 GMT
GET H2	200	zrt_lookup.html googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/ Frame 0989	0 0	28ms 5ms	Document text/html	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20201112/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.walletline.naumantour.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.walletline.naumantour.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Sun, 22 Nov 2020 01:05:46 GMT expires Sun, 06 Dec 2020 01:05:46 GMT content-type text/html; charset=UTF-8 etag 5228831996244654541 x-content-type-options nosniff content-encoding gzip server cafe content-length 4745 x-xss-protection 0 cache-control public, max-age=1209600 age 55765 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/	0 679 B	27ms 26ms	Image image/gif	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=165&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20Only%20one%20%27enable_page_level_ads%27%20allowed%20per%20page.%0Aat%20Kl%20(https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A206%3A299)%0Aat%20Jl%20(adsbygoogle.js%3A204%3A373)%0Aat%20Sl%20(adsbygoogle.js%3A213%3A480)%0Aat%20b%20(adsbygoogle.js%3A214%3A36)%0Aat%20Tl%20(adsbygoogle.js%3A214%3A173)%0Aat%20Zl%20(adsbygoogle.js%3A221%3A298)%0Aat%20Ul%20(adsbygoogle.js%3A218%3A427)%0Aat%20adsbygoogle.js%3A215%3A45%0Aat%20he.n.ga%20(adsbygoogle.js%3A62%3A294)%0Aat%20ve%20(adsbygoogle.js%3A71%3A357)&shv=r20201112&eid=21068084&client=ca-pub-6544928974111162&url=https%3A%2F%2Fwww.walletline.naumantour.com%2F Requested by Host: www.walletline.naumantour.com URL: https://www.walletline.naumantour.com/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.walletline.naumantour.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 22 Nov 2020 16:35:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		Uang-Bulanan-Cepat-Habis-Baca-Cara-Mengatur-Keuangan-Keluarga-Agar-Efisien-300x300.jpg walletline.com/wp-content/uploads/2019/01/	0 0
GET		Biaya-Sekolah-Tinggi-Intip-Dulu-Cara-Menabung-Di-Bank-Untuk-Anak-300x300.jpg walletline.com/wp-content/uploads/2019/01/	0 0
GET		Cara-Gampang-Memulai-Bisnis-Pulsa-dan-Trik-Agar-Bisa-Sukses.jpg walletline.com/wp-content/uploads/2017/08/	0 0
GET		Intip-Strategi-BRI-Untuk-Sukseskan-Program-Kredit-Usaha-Rakyat.jpeg walletline.com/wp-content/uploads/2017/07/	0 0
GET		Bingung-Memulai-Bisnis-Online-8-Ini-Cara-Ini-Bisa-Diterapakan-Untuk-Memulai-Bisnis-Baju-Online-Murah-1.jpg walletline.com/wp-content/uploads/2017/07/	0 0
GET		Kuliah-Diluar-Negeri-Dan-Beberapa-Hal-Yang-Harus-Disiapkan-Buat-Studi-Kamu-300x187.png walletline.com/wp-content/uploads/2017/07/	0 0
GET		Cara-Mengisi-Fraktur-Pajak-Dan-Persyaratan-Yang-Harus-Diperhatikan-1-300x200.jpg walletline.com/wp-content/uploads/2017/07/	0 0
GET		Buka-jasa-Les-Private-300x266.png walletline.com/wp-content/uploads/2017/07/	0 0
GET		8-Tips-dan-Cara-Menjadi-Reseller-Online-Shop-Sukses-Yang-Patut-Diikuti-300x150.jpg walletline.com/wp-content/uploads/2017/07/	0 0
GET H3-Q050	200	mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 fonts.gstatic.com/s/opensans/v18/	9 KB 9 KB	34ms 20ms	Font font/woff2	2a00:1450:4001:819::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.walletline.naumantour.com Referer https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 21 Nov 2020 19:32:26 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:09:28 GMT server sffe age 75765 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9132 x-xss-protection 0 expires Sun, 21 Nov 2021 19:32:26 GMT
GET		widget.js www.linkwithin.com/	0 0
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	20ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: www.walletline.naumantour.com URL: https://www.walletline.naumantour.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 63f97da27bef4106b59b1e07a58badc81232eb9d0e6edde71b87f460aa338c6d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.walletline.naumantour.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 P1Gm65aBBS0G6O7rh/l4bA== cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1778 etag "980b7b80f85963c53f15b59cf940e2e0" x-fb-debug 4nFBR2GV/tRVoQl6JNIQHyFnfChuywRcjVMvduxqowjqEnmhIOtUhoWQlBRm7PbaVcZl9FcOq2TeEHTa2m5mOQ== x-fb-trip-id 664085054 x-fb-content-md5 9e0a0fd245399652ef02fac63f8e53fc x-frame-options DENY date Sun, 22 Nov 2020 16:35:11 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 timing-allow-origin * expires Sun, 22 Nov 2020 16:51:54 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 18 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:824::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-67265321-2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.walletline.naumantour.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 4763 date Sun, 22 Nov 2020 15:15:48 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Sun, 22 Nov 2020 17:15:48 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	2 B 398 B	49ms 15ms	XHR text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=834486541&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walletline.naumantour.com%2F&ul=en-us&de=UTF-8&dt=Walletline&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1627167471&gjid=1831941752&cid=535884731.1606062912&tid=UA-67265321-2&_gid=684896784.1606062912&_r=1&gtm=2oub41&z=310065477 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.walletline.naumantour.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 22 Nov 2020 16:35:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.walletline.naumantour.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	195 KB 59 KB	17ms 5ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=86cdbf8e64de3eafefc215b82796bc78&ua=modern_es6 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0b786ee05482268a429fed259aee233fec3126786588fc2dc81c91cb6427fafe Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin https://www.walletline.naumantour.com Referer https://www.walletline.naumantour.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 V9IcPvj8oeglmM+9JBVr5g== cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 60126 etag "21cfb1c5de075bc10044aaa81e56de95" x-fb-debug O3pqVsi7H4qkw/qy7+fq4oULg/+z5Q6Y/LfcSZCTpkKy0U/pz/+mEWtJvYmBGLUtjjHxbnGi3Grd5GlS9Vco0g== x-fb-trip-id 664085054 x-fb-content-md5 2d693ebd1e28686a426ec56c03cfd47a x-frame-options DENY date Sun, 22 Nov 2020 16:35:11 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable timing-allow-origin * expires Mon, 22 Nov 2021 14:13:13 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	204 B 644 B	143ms 51ms	Script text/javascript	216.58.206.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.walletline.naumantour.com&callback=_gfp_s_&client=ca-pub-6544928974111162 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s20-in-f2.1e100.net Software cafe / Resource Hash 12b1a9a9c83392a009c46befa530dedb3e1973a9bfba50f2d4ae09af2dd19959 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.walletline.naumantour.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 22 Nov 2020 16:35:11 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 195 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	109 B 803 B	37ms 16ms	Script application/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.walletline.naumantour.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.walletline.naumantour.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sun, 22 Nov 2020 16:35:11 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 803 B	35ms 14ms	Script application/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.walletline.naumantour.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.walletline.naumantour.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sun, 22 Nov 2020 16:35:11 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H3-Q050	403	ads googleads.g.doubleclick.net/pagead/ Frame 5329	0 0	118ms 117ms	Document text/html	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-6544928974111162&output=html&adk=1812271804&adf=3025194257&lmt=1606062911&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.walletline.naumantour.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606062907959&bpp=3691&bdt=103&idt=3837&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7028750523335&frm=20&pv=2&ga_vid=535884731.1606062912&ga_sid=1606062912&ga_hid=834486541&ga_fc=0&iag=0&icsg=671260672&dssz=26&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084&oid=3&pvsid=4190293519501664&pem=593&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=3856 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-6544928974111162&output=html&adk=1812271804&adf=3025194257&lmt=1606062911&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.walletline.naumantour.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606062907959&bpp=3691&bdt=103&idt=3837&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7028750523335&frm=20&pv=2&ga_vid=535884731.1606062912&ga_sid=1606062912&ga_hid=834486541&ga_fc=0&iag=0&icsg=671260672&dssz=26&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068084&oid=3&pvsid=4190293519501664&pem=593&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=3856 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.walletline.naumantour.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.walletline.naumantour.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Sun, 22 Nov 2020 16:35:11 GMT server cafe content-length 46 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Sun, 22-Nov-2020 16:50:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 28 KB	15ms 13ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.walletline.naumantour.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 22 Nov 2020 16:35:11 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1605702985553312" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 28207 x-xss-protection 0 expires Sun, 22 Nov 2020 16:35:11 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 97 B	13ms 12ms	XHR text/plain	2a00:1450:400c:c0c::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-67265321-2&cid=535884731.1606062912&jid=1627167471&gjid=1831941752&_gid=684896784.1606062912&_u=IEBAAUAAAAAAAC~&z=2126121190 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.walletline.naumantour.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sun, 22 Nov 2020 16:35:11 GMT content-type text/plain access-control-allow-origin https://www.walletline.naumantour.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	sodar Show response pagead2.googlesyndication.com/getconfig/	8 KB 7 KB	47ms 30ms	XHR application/json	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dccebbdd750201596081881db72e88824b1c101d34306c9a69a2973ecad12585 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.walletline.naumantour.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Sun, 22 Nov 2020 16:35:12 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 6408 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	16 KB 6 KB	39ms 15ms	Script text/javascript	2a00:1450:4001:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.walletline.naumantour.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 22 Nov 2020 16:35:12 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1603823857801521" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6015 x-xss-protection 0 expires Sun, 22 Nov 2020 16:35:12 GMT
GET H3-Q050	200	runner.html tpc.googlesyndication.com/sodar/sodar2/219/ Frame 7639	0 0	34ms 20ms	Document text/html	2a00:1450:4001:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/219/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.walletline.naumantour.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.walletline.naumantour.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 4867 date Sun, 22 Nov 2020 15:41:34 GMT expires Mon, 22 Nov 2021 15:41:34 GMT last-modified Mon, 05 Oct 2020 22:33:01 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 3218 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	204	gen_204 pagead2.googlesyndication.com/pagead/	0 46 B	15ms 15ms	Image image/gif	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=4190293519501664&bg=!oqGloYHNAAUoamvQKFhIQbzD4WiZvwIAAACBUgAAABNoAQcKAMI03qCY0KgWe6EcpG5PhKpKqRC-m8BrmrbRJTUAXAKYng-DSpebGN7urMaHQtcmjTp31RM9_gNd5BJsP8GaNy4z26afWaUW32H5aECghi7zzX2jk_Pk5OwopH5Qm98OAPLz4DeyNGkEqQKrF4oCw1y5-CAmbs2PlVH3KPZ_agqZVe-gmQLWi5I-qoMkmOD1YVpZJj23m_PA7Xe51uhmEEySbaWCOFRMDooHBFW7CmBLrL-BstKa8ghW58CRU1jXpsf4xpkBxr-AUxcG41O-ajcoi5cfRT_uke7eLHv9BiUafIjRNJ5PHQvzKde56UD26dyA8DjBaXVf_cxOHhFcQUqoB62KD1deW40RsFSTn11WVYUCwlyfcjw-JSqOigPx05PAqlyd9D-sR2OgZU1Y994zTR7adQFXDHbF05X9k_NzVsypF0BTd5tfWxPOVa5KVqGKV7M_RpyMkZwWKM0Zpo57Dh_rg7u7dUPBm1CMVmQdHwlGkivyOXWLnhXQ-LErb22mpqNsz4RMX4abwLsqdUDLnDUF47Xq-frxQBqPcfVk1ObUFrOninSEi6uMDVfVt3wpc0cWmmmjP8s_vcRzhvpkn3X44XLRNTRRi8qk5sekRSP8qSNdl2h9dRbtS41602_CawyOKLszn9LlYJ1cXNJmfk2XHadQWyBK0JiZPpK72Kj85E9LwKSffVmyJDgp40u0zZt1QRDOMPtnbZy5lxsBEDT4AVADT2Bwz-f_2d2R1WVhdGhuxNYYYsYwYHC0Sk8mPmudlQJI9EBVHeMjVLCEIcXevnrQw8qZxP8sKWrOWRvTo7V4tg1-uIAeIUM6AU8bKlQzndfN7UrkYRkxTwjz1lQcExZi-8RId-g Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.walletline.naumantour.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 22 Nov 2020 16:35:12 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

walletline.com

URL

https://walletline.com/wp-content/plugins/simple-social-buttons/assets/css/front.css?ver=2.0.20

Domain

walletline.com

URL

https://walletline.com/wp-content/plugins/whatsapp/style.css?ver=4.8.12

Domain

walletline.com

URL

https://walletline.com/wp-content/themes/mysocial/style.css?ver=20180523

Domain

walletline.com

URL

https://walletline.com/wp-content/themes/mysocial/genericons/genericons.css?ver=4.8.12

Domain

walletline.com

URL

https://walletline.com/wp-content/themes/mysocial/responsive.css?ver=20161209

Domain

walletline.com

URL

https://walletline.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

Domain

walletline.com

URL

https://walletline.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Domain

walletline.com

URL

https://walletline.com/wp-content/plugins/simple-social-buttons/assets/js/front.js?ver=2.0.20

Domain

walletline.com

URL

https://walletline.com/wp-content/themes/mysocial/assets/js/superfish.js?ver=4.8.12

Domain

walletline.com

URL

https://walletline.com/wp-content/themes/mysocial/assets/js/modernizr.min.js?ver=4.8.12

Domain

walletline.com

URL

https://walletline.com/wp-content/themes/mysocial/assets/js/html5.js?ver=4.8.12

Domain

walletline.com

URL

https://walletline.com/wp-content/themes/mysocial/assets/js/jquery.custom.js?ver=20170228

Domain

walletline.com

URL

https://walletline.com/wp-includes/js/wp-embed.min.js?ver=4.8.12

Domain

walletline.com

URL

http://walletline.com/wp-content/uploads/2019/01/Uang-Bulanan-Cepat-Habis-Baca-Cara-Mengatur-Keuangan-Keluarga-Agar-Efisien-300x300.jpg

Domain

walletline.com

URL

http://walletline.com/wp-content/uploads/2019/01/Biaya-Sekolah-Tinggi-Intip-Dulu-Cara-Menabung-Di-Bank-Untuk-Anak-300x300.jpg

Domain

walletline.com

URL

http://walletline.com/wp-content/uploads/2017/08/Cara-Gampang-Memulai-Bisnis-Pulsa-dan-Trik-Agar-Bisa-Sukses.jpg

Domain

walletline.com

URL

http://walletline.com/wp-content/uploads/2017/07/Intip-Strategi-BRI-Untuk-Sukseskan-Program-Kredit-Usaha-Rakyat.jpeg

Domain

walletline.com

URL

http://walletline.com/wp-content/uploads/2017/07/Bingung-Memulai-Bisnis-Online-8-Ini-Cara-Ini-Bisa-Diterapakan-Untuk-Memulai-Bisnis-Baju-Online-Murah-1.jpg

Domain

walletline.com

URL

http://walletline.com/wp-content/uploads/2017/07/Kuliah-Diluar-Negeri-Dan-Beberapa-Hal-Yang-Harus-Disiapkan-Buat-Studi-Kamu-300x187.png

Domain

walletline.com

URL

http://walletline.com/wp-content/uploads/2017/07/Cara-Mengisi-Fraktur-Pajak-Dan-Persyaratan-Yang-Harus-Diperhatikan-1-300x200.jpg

Domain

walletline.com

URL

http://walletline.com/wp-content/uploads/2017/07/Buka-jasa-Les-Private-300x266.png

Domain

walletline.com

URL

http://walletline.com/wp-content/uploads/2017/07/8-Tips-dan-Cara-Menjadi-Reseller-Online-Shop-Sukses-Yang-Patut-Diikuti-300x150.jpg

Domain

www.linkwithin.com

URL

http://www.linkwithin.com/widget.js

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| adsbygoogle object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| gtag object| dataLayer function| google_spfd object| google_sv_map object| google_image_requests number| linkwithin_site_id string| linkwithin_div_class object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| FB function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.naumantour.com/	1970-01-19 23:29:18	Name: __gads Value: ID=b253152d1ea74083-22cc5ff977a6000e:T=1606062911:RT=1606062911:S=ALNI_MblEODZuBlbehBHvi1BRwFTgoJBPg
			.naumantour.com/	1970-01-19 14:07:42	Name: _gat_gtag_UA_67265321_2 Value: 1
			.naumantour.com/	1970-01-19 14:09:09	Name: _gid Value: GA1.2.684896784.1606062912
			.doubleclick.net/	1970-01-19 14:07:43	Name: test_cookie Value: CheckForPermission
			.naumantour.com/	1970-01-20 07:38:54	Name: _ga Value: GA1.2.535884731.1606062912

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
walletline.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.linkwithin.com
www.walletline.naumantour.com
walletline.com
www.linkwithin.com
103.97.141.225
216.58.206.2
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:816::2001
2a00:1450:4001:817::2008
2a00:1450:4001:819::2003
2a00:1450:4001:824::200e
2a00:1450:400c:c0c::9c
2a03:2880:f01c:8012:face:b00c:0:3
34.98.99.30
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0b786ee05482268a429fed259aee233fec3126786588fc2dc81c91cb6427fafe
12b1a9a9c83392a009c46befa530dedb3e1973a9bfba50f2d4ae09af2dd19959
3cc3e302240913c8c2351345099477787aa52d3226f8478404451497c712f1be
46488325f97d4ef0a05e2e5e1b94b1d3dc289aa964d95d0af2628ac58d7440da
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
63f97da27bef4106b59b1e07a58badc81232eb9d0e6edde71b87f460aa338c6d
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
968ce7d681b37b90d094599a68fbaff53b3f8b492b28776089ac50c0c861019e
a426983549201f1c761daebb73794baf4ac3d42f8d20401864b0f7234c8ec14b
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
dccebbdd750201596081881db72e88824b1c101d34306c9a69a2973ecad12585
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b