URL: http://66.39.117.197/
Submission: On February 21 via manual from ES

Summary

This website contacted 12 IPs in 3 countries across 13 domains to perform 31 HTTP transactions.
The main IP is 66.39.117.197, located in Pittsburgh, United States and belongs to PAIR-NETWORKS, US. The main domain is 66.39.117.197.
This is the first time this domain was scanned on urlscan.io!

Verdict: No classification

Domain & IP information

Domain (Subdomains)            Transfer
12 madridman.com               324 KB
4 google-analytics.com         7 KB
4 avendano.org                 8 KB
3 doubleclick.net              0 B
3 googlesyndication.com        150 KB
2 youtube.com                  0 B
2 google.com                   844 B
2 google.es                    2 KB
1 googletagservices.com        27 KB
1 google.de                    171 B
1 munimadrid.es                0 B
1 117.197                      31 KB
0 sitemeter.com Failed         0 B
    s20.sitemeter.com Failed
    s21.sitemeter.com Failed
31 13
Domain Requested by
12 www.madridman.com 66.39.117.197
pagead2.googlesyndication.com
4 www.google-analytics.com 2 redirects 66.39.117.197
4 www.avendano.org 3 redirects 66.39.117.197
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 pagead2.googlesyndication.com 66.39.117.197
pagead2.googlesyndication.com
2 www.youtube.com 1 redirects 66.39.117.197
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.google.com 66.39.117.197
1 informo.munimadrid.es 66.39.117.197
1 cse.google.es 66.39.117.197
1 www.google.es 1 redirects
1 66.39.117.197
0 s21.sitemeter.com Failed 66.39.117.197
0 s20.sitemeter.com Failed 66.39.117.197
31 16
Subject                  Issuer                       Validity                  Valid
*.google.com             GTS CA 1O1                   2020-01-29 - 2020-04-22   3 months
avendano.org             Let's Encrypt Authority X3   2020-02-19 - 2020-05-19   3 months
*.google-analytics.com   GTS CA 1O1                   2020-02-12 - 2020-05-06   3 months
www.google.com           GTS CA 1O1                   2020-01-29 - 2020-04-22   3 months
*.g.doubleclick.net      GTS CA 1O1                   2020-02-12 - 2020-05-06   3 months

Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Web
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Web
Overall confidence: 100%
Detected patterns
  • script /sitemeter\.com\/js\/counter\.js\?site=/i


31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
31 KB
31 KB
Document
General
Full URL
http://66.39.117.197/
Protocol
HTTP/1.1
Server
66.39.117.197 Pittsburgh, United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS
madridman.com
Software
Apache /
Resource Hash
d4ca263b5f772e9c4ef888b6c3bb7a047fb8776c87ae456c40b6c162e9bea9df

Request headers

Host
66.39.117.197
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Fri, 21 Feb 2020 10:02:10 GMT
Server
Apache
Last-Modified
Wed, 26 Aug 2015 18:11:04 GMT
ETag
"7c81-51e3ac619e72b"
Accept-Ranges
bytes
Content-Length
31873
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
style.css
www.madridman.com/css
14 KB
14 KB
Stylesheet
General
Full URL
http://www.madridman.com/css/style.css
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
HTTP/1.1
Server
66.39.117.197 Pittsburgh, United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS
madridman.com
Software
Apache /
Resource Hash
47b3834a0558159234839a29217e66cc12179542c732261891cbe748ea445a2d

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 21 Feb 2020 10:02:11 GMT
Last-Modified
Sat, 22 Jan 2011 17:22:32 GMT
Server
Apache
ETag
"36c4-49a729ca74600"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
14020
brand?form=cse-search-box&lang=en
cse.google.es/coop/cse
Redirect Chain
  • http://www.google.es/coop/cse/brand?form=cse-search-box&lang=en
  • https://cse.google.es/coop/cse/brand?form=cse-search-box&lang=en
3 KB
2 KB
Script
General
Full URL
https://cse.google.es/coop/cse/brand?form=cse-search-box&lang=en
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
pfe /
Resource Hash
60e1cf043ee933767df918fc53a01d7dbdbdd8e071740b4e11a3d7cc92bdde49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 21 Feb 2020 09:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
pfe
age
790
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1182
x-xss-protection
0
expires
Fri, 21 Feb 2020 10:19:00 GMT

Redirect headers

Date
Fri, 21 Feb 2020 10:02:10 GMT
X-Content-Type-Options
nosniff
Server
sffe
Content-Type
text/html; charset=UTF-8
Location
https://cse.google.es/coop/cse/brand?form=cse-search-box&lang=en
Cache-Control
private
Content-Length
265
X-XSS-Protection
0
counter.js?site=s202madrid
s20.sitemeter.com/js
0
0

camThumb.jpg
www.avendano.org
Redirect Chain
  • http://www.avendano.org/webthumb.jpg
  • https://www.avendano.org/webthumb.jpg
  • http://www.avendano.org/camThumb.jpg
  • https://www.avendano.org/camThumb.jpg
7 KB
7 KB
Image
General
Full URL
https://www.avendano.org/camThumb.jpg
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.39.149.138 Pittsburgh, United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS
avendano.org
Software
Apache /
Resource Hash
37c69037e6fed70175d077e1faa1a62398b00a495d3591c4ba4a68eb3d39de23

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 21 Feb 2020 10:02:11 GMT
X-Clacks-Overhead
GNU Terry Pratchett
Last-Modified
Fri, 21 Feb 2020 09:52:13 GMT
Server
Apache
ETag
"1a43-59f12f9d35b92"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
6723

Redirect headers

Location
https://www.avendano.org/camThumb.jpg
Date
Fri, 21 Feb 2020 10:02:11 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
221
Content-Type
text/html; charset=iso-8859-1
welcome-middle.jpg
www.madridman.com/graphics
26 KB
26 KB
Image
General
Full URL
http://www.madridman.com/graphics/welcome-middle.jpg
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
HTTP/1.1
Server
66.39.117.197 Pittsburgh, United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS
madridman.com
Software
Apache /
Resource Hash
2808c31ea6af6fbd0ae1d7d425a8c6dac0448bab3f4d95ee5b5e7b9d815cdd84

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 21 Feb 2020 10:02:11 GMT
Last-Modified
Mon, 17 Oct 2011 16:54:52 GMT
Server
Apache
ETag
"68c6-4af81772e2f00"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
26822
cam_1.jpg
www.madridman.com
67 KB
67 KB
Image
General
Full URL
http://www.madridman.com/cam_1.jpg
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
HTTP/1.1
Server
66.39.117.197 Pittsburgh, United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS
madridman.com
Software
Apache /
Resource Hash
3441dd43a13957ad4b2d19340f6952368910a409db81aa8f7e60a21da4e17ad9

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 21 Feb 2020 10:02:11 GMT
Last-Modified
Tue, 13 Jan 2015 01:21:31 GMT
Server
Apache
ETag
"10c20-50c7e71629adc"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
68640
MadridMan-red-shirt-200x200.jpg
www.madridman.com/graphics
12 KB
13 KB
Image
General
Full URL
http://www.madridman.com/graphics/MadridMan-red-shirt-200x200.jpg
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
HTTP/1.1
Server
66.39.117.197 Pittsburgh, United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS
madridman.com
Software
Apache /
Resource Hash
6323af6a7eb6efce81839f904690d1ebe67250af8d5bf25396d16ca0ccf96b92

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 21 Feb 2020 10:02:11 GMT
Last-Modified
Mon, 18 Feb 2013 12:33:09 GMT
Server
Apache
ETag
"318d-4d5feed732b40"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
12685
show_ads.js
pagead2.googlesyndication.com/pagead
80 KB
30 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
HTTP/1.1
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2125ee5847b3c5aa4cb36bb11f1423cd1130a92b50f3321c1502860d9eb13dec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 21 Feb 2020 10:02:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
3915823153753864242
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
30069
X-XSS-Protection
0
Expires
Fri, 21 Feb 2020 10:02:10 GMT
Camara00037.jpg
informo.munimadrid.es/informo/Camaras
0
0
Image
General
Full URL
http://informo.munimadrid.es/informo/Camaras/Camara00037.jpg
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
HTTP/1.1
Server
195.55.78.202 Madrid, Spain, ASN3352 (TELEFONICA_DE_ESPANA, ES),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*, *.munimadrid.es, datos.madrid.es
Access-Control-Expose-Headers
Content-Length,Content-Range
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods
GET, POST, OPTIONS
s-l-new.jpg
www.madridman.com/graphics
6 KB
6 KB
Image
General
Full URL
http://www.madridman.com/graphics/s-l-new.jpg
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
HTTP/1.1
Server
66.39.117.197 Pittsburgh, United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS
madridman.com
Software
Apache /
Resource Hash
1b077b932d3ff1f958f4e4c5f15911a7f028fbd28dd8e6e1254e604a48168edf

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 21 Feb 2020 10:02:11 GMT
Last-Modified
Fri, 30 Apr 2010 07:29:24 GMT
Server
Apache
ETag
"17d0-4856f33d05d00"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6096
MadridToursMadridMan150x150.jpg
www.madridman.com/graphics/clientes
33 KB
33 KB
Image
General
Full URL
http://www.madridman.com/graphics/clientes/MadridToursMadridMan150x150.jpg
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
HTTP/1.1
Server
66.39.117.197 Pittsburgh, United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS
madridman.com
Software
Apache /
Resource Hash
63d779dcdb78ea822d4050e29ad8d05fe8ff6cc51a0349dc86e1e317b0686032

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 21 Feb 2020 10:02:11 GMT
Last-Modified
Sun, 22 Sep 2013 15:55:51 GMT
Server
Apache
ETag
"82f6-4e6faf021bde9"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
33526
Rick-Steves-Spain-2015.jpg
www.madridman.com/graphics
39 KB
39 KB
Image
General
Full URL
http://www.madridman.com/graphics/Rick-Steves-Spain-2015.jpg
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
HTTP/1.1
Server
66.39.117.197 Pittsburgh, United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS
madridman.com
Software
Apache /
Resource Hash
f401882f71cd2b90172190ff36cb5ef52ef384338a340d178aaa1feea3b665aa

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 21 Feb 2020 10:02:11 GMT
Last-Modified
Wed, 26 Aug 2015 18:05:34 GMT
Server
Apache
ETag
"9b19-51e3ab26e9e21"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
39705
counter.js?site=s21ALLMadridManCom
s21.sitemeter.com/js
0
0

urchin.js
www.google-analytics.com
Redirect Chain
  • http://www.google-analytics.com/urchin.js
  • https://www.google-analytics.com/urchin.js
22 KB
7 KB
Script
General
Full URL
https://www.google-analytics.com/urchin.js
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 20 Feb 2020 10:25:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
85019
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=1209600
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6847
expires
Thu, 05 Mar 2020 10:25:11 GMT

Redirect headers

Location
https://www.google-analytics.com/urchin.js
Non-Authoritative-Reason
HSTS
bg.gif
www.madridman.com/img
70 B
336 B
Image
General
Full URL
http://www.madridman.com/img/bg.gif
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
HTTP/1.1
Server
66.39.117.197 Pittsburgh, United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS
madridman.com
Software
Apache /
Resource Hash
857fed6c7eb175a0b0c9b027c7d7cc9c523ec76b8ea1c93945e9be7c69967cac

Request headers

Referer
http://www.madridman.com/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 21 Feb 2020 10:02:11 GMT
Last-Modified
Wed, 13 Jun 2007 11:29:58 GMT
Server
Apache
ETag
"46-432c7ef173980"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
70
orange-li.gif
www.madridman.com/img/orange
73 B
339 B
Image
General
Full URL
http://www.madridman.com/img/orange/orange-li.gif
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
HTTP/1.1
Server
66.39.117.197 Pittsburgh, United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS
madridman.com
Software
Apache /
Resource Hash
66783077bcb7b3de57618fc3915238c5f40ca3307b78804f01d07c8e5cd735f5

Request headers

Referer
http://www.madridman.com/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 21 Feb 2020 10:02:11 GMT
Last-Modified
Wed, 13 Jun 2007 11:29:58 GMT
Server
Apache
ETag
"49-432c7ef173980"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
73
googlelogo_lightgrey_46x16dp.png
www.google.com/cse/static/images/1x
551 B
673 B
Image
General
Full URL
https://www.google.com/cse/static/images/1x/googlelogo_lightgrey_46x16dp.png
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 04 Feb 2020 04:27:10 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Jan 2017 21:30:00 GMT
server
sffe
age
1488901
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
551
x-xss-protection
0
expires
Wed, 03 Feb 2021 04:27:10 GMT
Plaza-Mayor-top1.jpg
www.madridman.com/graphics
124 KB
125 KB
Image
General
Full URL
http://www.madridman.com/graphics/Plaza-Mayor-top1.jpg
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
HTTP/1.1
Server
66.39.117.197 Pittsburgh, United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS
madridman.com
Software
Apache /
Resource Hash
81f8b4a9b34af977400b2c3b678e46e9a003165c0a5c2bcf4c98609da17ac9c9

Request headers

Referer
http://www.madridman.com/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 21 Feb 2020 10:02:11 GMT
Last-Modified
Wed, 26 Aug 2015 18:03:04 GMT
Server
Apache
ETag
"1f16b-51e3aa987238c"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
127339
cat-box-rep.png
www.madridman.com/img
173 B
440 B
Image
General
Full URL
http://www.madridman.com/img/cat-box-rep.png
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
HTTP/1.1
Server
66.39.117.197 Pittsburgh, United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS
madridman.com
Software
Apache /
Resource Hash
dd42180579ab765552d741ef56dac16060d9016c6344d8644b3d0e326dab5f53

Request headers

Referer
http://www.madridman.com/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 21 Feb 2020 10:02:11 GMT
Last-Modified
Wed, 13 Jun 2007 11:29:58 GMT
Server
Apache
ETag
"ad-432c7ef173980"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
173
integrator.js?domain=66.39.117.197
adservice.google.de/adsid
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=66.39.117.197
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 21 Feb 2020 10:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js?domain=66.39.117.197
adservice.google.com/adsid
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=66.39.117.197
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 21 Feb 2020 10:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200219/r20190131
221 KB
83 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a450a92da271041893a519c9b9e1050b2229f74eb83ca5346e76203456d3691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 21 Feb 2020 10:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
84526
x-xss-protection
0
server
cafe
etag
16542440073614270090
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Feb 2020 10:02:11 GMT
shadow.gif
www.madridman.com/img
0
0
Image
General
Full URL
http://www.madridman.com/img/shadow.gif
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
HTTP/1.1
Server
66.39.117.197 Pittsburgh, United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS
madridman.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.madridman.com/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200219/r20190131
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200219/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200219/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://66.39.117.197/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 19 Feb 2020 21:29:28 GMT
expires
Wed, 04 Mar 2020 21:29:28 GMT
content-type
text/html; charset=UTF-8
etag
3560819023258359450
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4495
x-xss-protection
0
cache-control
public, max-age=1209600
age
131563
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
vt59LcnQQPvc?fs=1&hl=en_US
www.youtube.com
Redirect Chain
  • http://www.youtube.com/vt59LcnQQPvc?fs=1&hl=en_US
  • https://www.youtube.com/vt59LcnQQPvc?fs=1&hl=en_US
0
0
Document
General
Full URL
https://www.youtube.com/vt59LcnQQPvc?fs=1&hl=en_US
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/vt59LcnQQPvc?fs=1&hl=en_US
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://66.39.117.197/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
404
cache-control
no-cache
content-length
513
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
date
Fri, 21 Feb 2020 10:02:11 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

Location
https://www.youtube.com/vt59LcnQQPvc?fs=1&hl=en_US
Non-Authoritative-Reason
HSTS
&utmac=UA-1031627-3&utmcc=__utma%3D88418076.531479956.1582279331.1582279331.1582279331.1%3B%2B__utmz%3D88418076.1582279331.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B
www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=531479956&utmcs=windows-1252&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Hostales%20Madrid%2C%20Apartments%2C%20Hotels%2...
Redirect Chain
  • http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=531479956&utmcs=windows-1252&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Hostales%20Madrid%2C%20Apartments%2C%20H...
  • https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=531479956&utmcs=windows-1252&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Hostales%20Madrid%2C%20Apartments%2C%20...
35 B
109 B
Image
General
Full URL
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=531479956&utmcs=windows-1252&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Hostales%20Madrid%2C%20Apartments%2C%20Hotels%2C%20%26%20Madrid%20Tourist%20Information&utmhn=66.39.117.197&utmhid=1206699542&utmr=-&utmp=/&utmac=UA-1031627-3&utmcc=__utma%3D88418076.531479956.1582279331.1582279331.1582279331.1%3B%2B__utmz%3D88418076.1582279331.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B
Requested by
Host: 66.39.117.197
URL: http://66.39.117.197/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Jan 2020 06:32:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2604595
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=531479956&utmcs=windows-1252&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Hostales%20Madrid%2C%20Apartments%2C%20Hotels%2C%20%26%20Madrid%20Tourist%20Information&utmhn=66.39.117.197&utmhid=1206699542&utmr=-&utmp=/&utmac=UA-1031627-3&utmcc=__utma%3D88418076.531479956.1582279331.1582279331.1582279331.1%3B%2B__utmz%3D88418076.1582279331.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B
Non-Authoritative-Reason
HSTS
66.39.117.197&dtd=68
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3253826265442960&output=html&h=280&slotname=1037283570&adk=1954588263&adf=1819147759&w=336&lmt=1440612664&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2F...
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3253826265442960&output=html&h=280&slotname=1037283570&adk=1954588263&adf=1819147759&w=336&lmt=1440612664&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2F66.39.117.197%2F&flash=0&wgl=1&adsid=NT&dt=1582279331137&bpp=16&bdt=685&fdt=56&idt=57&shv=r20200219&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=3264237182019&frm=20&pv=2&ga_vid=531479956.1582279331&ga_sid=1582279331&ga_hid=1206699542&ga_fc=1&iag=0&icsg=43040&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=767&ady=607&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44713363%2C368226501&oid=3&pvsid=675446191514286&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CoeE%7C&abl=NS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=0qghBdQv7R&p=http%3A//66.39.117.197&dtd=68
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3253826265442960&output=html&h=280&slotname=1037283570&adk=1954588263&adf=1819147759&w=336&lmt=1440612664&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2F66.39.117.197%2F&flash=0&wgl=1&adsid=NT&dt=1582279331137&bpp=16&bdt=685&fdt=56&idt=57&shv=r20200219&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=3264237182019&frm=20&pv=2&ga_vid=531479956.1582279331&ga_sid=1582279331&ga_hid=1206699542&ga_fc=1&iag=0&icsg=43040&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=767&ady=607&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44713363%2C368226501&oid=3&pvsid=675446191514286&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CoeE%7C&abl=NS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=0qghBdQv7R&p=http%3A//66.39.117.197&dtd=68
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://66.39.117.197/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://66.39.117.197/

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 21 Feb 2020 10:02:11 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 21-Feb-2020 10:17:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
osd.js?cb=%2Fr20100101
www.googletagservices.com/activeview/js/current
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
753def12fae8722bef366a340b5ab7c34a15c8cd8432cdddb30d8f91ab987b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 21 Feb 2020 10:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582122122802407"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27674
x-xss-protection
0
expires
Fri, 21 Feb 2020 10:02:11 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js
106 KB
38 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57d86ccce386cbc6a37ae1f8980e15255f643ce6e311f47981af7e8b51669aba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://66.39.117.197/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 21 Feb 2020 10:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
38664
x-xss-protection
0
server
cafe
etag
9733363383085419960
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 21 Feb 2020 10:02:11 GMT
ads?client=ca-pub-3253826265442960&output=html&adk=1009504094&adf=228370879&lmt=1440612664&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C...
googleads.g.doubleclick.net/pagead
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3253826265442960&output=html&adk=1009504094&adf=228370879&lmt=1440612664&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2F66.39.117.197%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1582279331668&bpp=9&bdt=1217&fdt=10&idt=10&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=1037283570&nras=1&correlator=3264237182019&frm=20&pv=1&ga_vid=531479956.1582279331&ga_sid=1582279331&ga_hid=1206699542&ga_fc=1&iag=0&icsg=698400&dssz=13&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44713363%2C368226501&oid=3&pvsid=675446191514286&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3253826265442960&output=html&adk=1009504094&adf=228370879&lmt=1440612664&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2F66.39.117.197%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1582279331668&bpp=9&bdt=1217&fdt=10&idt=10&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=1037283570&nras=1&correlator=3264237182019&frm=20&pv=1&ga_vid=531479956.1582279331&ga_sid=1582279331&ga_hid=1206699542&ga_fc=1&iag=0&icsg=698400&dssz=13&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=44713363%2C368226501&oid=3&pvsid=675446191514286&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&dtd=13
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://66.39.117.197/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://66.39.117.197/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 21 Feb 2020 10:02:11 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUlQa43qEmY3g8A8u8QFgr-HCQ1WogsiuICp7bBHfWiBk-NXjtX2ud5G4xJ2; expires=Wed, 17-Mar-2021 10:02:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Fri, 21 Feb 2020 10:02:11 GMT
cache-control
private

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 2
  • http://www.google.es/coop/cse/brand?form=cse-search-box&lang=en
  • https://cse.google.es/coop/cse/brand?form=cse-search-box&lang=en
Request 4
  • http://www.avendano.org/webthumb.jpg
  • https://www.avendano.org/webthumb.jpg
  • http://www.avendano.org/camThumb.jpg
  • https://www.avendano.org/camThumb.jpg
Request 14
  • http://www.google-analytics.com/urchin.js
  • https://www.google-analytics.com/urchin.js
Request 25
  • http://www.youtube.com/vt59LcnQQPvc?fs=1&hl=en_US
  • https://www.youtube.com/vt59LcnQQPvc?fs=1&hl=en_US
Request 26
  • http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=531479956&utmcs=windows-1252&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Hostales%20Madrid%2C%20Apartments%2C%20H...
  • https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=531479956&utmcs=windows-1252&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Hostales%20Madrid%2C%20Apartments%2C%20...

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s20.sitemeter.com
URL
http://s20.sitemeter.com/js/counter.js?site=s202madrid
Domain
s21.sitemeter.com
URL
http://s21.sitemeter.com/js/counter.js?site=s21ALLMadridManCom

250 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| site object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| google_onload_fired object| googleToken object| googleIMState function| processGoogleToken boolean| _gfp_p_ boolean| _gfp_a_ number| google_unique_id object| google_sa_queue object| google_sl_win function| google_process_slots object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_core_dbp object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url 
object| google_disable_video_autoplay object| google_bfa object| ebfa object| ebfaca object| google_eids object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_lact object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_only_pyv_ads object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_scs object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_video_url_to_fetch object| google_webgl_support object| google_yt_pt object| google_yt_up object| google_package object| google_debug_params object| google_enable_single_iframe object| dash object| 
google_refresh_count object| google_restrict_data_processing boolean| google_apltlad object| google_sv_map object| google_t12n_vars string| _uacct number| _userv number| _ufsc string| _udn string| _uhash string| _utimeout string| _ugifpath string| _utsp number| _uflash number| _utitle number| _ulink number| _uanchor string| _utcp number| _usample number| _uctm string| _ucto string| _uccn string| _ucmd string| _ucsr string| _uctr string| _ucct string| _ucid string| _ucno object| _uOsr object| _uOkw object| _uOno object| _uRno number| _uff number| _udh object| _udt number| _ubl string| _udo number| _uu number| _ufns number| _uns string| _ur number| _ufno number| _ust object| _ubd object| _udl string| _udlh string| _uwv string| _ugifpath2 function| urchinTracker function| _uGH function| _uInfo function| _uVoid function| _uCInfo function| _uRef function| _uOrg function| _uGCse function| _uBInfo function| __utmSetTrans function| _uFlash function| __utmLinkerUrl function| __utmLinker function| __utmLinkPost function| __utmSetVar function| _uGCS function| _uGC function| _uDomain function| _uHash function| _uFixA function| _uTrim function| _uEC function| __utmVisitorCode function| _uIN function| _uES function| _uUES function| _uVG function| _uSP function| urchinPathCopy function| _uCO function| _uGT string| _utk function| _uNx object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| adsbygoogle function| google_spfd

8 Cookies

Domain/Path Name / Value
.youtube.com/ Name: GPS
Value: 1
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: cL47MsDCSPg
66.39.117.197/ Name: __utmz
Value: 88418076.1582279331.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
66.39.117.197/ Name: __utma
Value: 88418076.531479956.1582279331.1582279331.1582279331.1
66.39.117.197/ Name: __utmc
Value: 88418076
.youtube.com/ Name: YSC
Value: vImK-2GgIE4
66.39.117.197/ Name: __utmb
Value: 88418076
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.
