urlscan.io logo urlscan.io
SecurityTrails logo

hotelromanonegombo.com Open in urlscan Pro
2606:4700:30::6818:79cf  Public Scan

Go To Rescan Add Verdict Report
URL: http://hotelromanonegombo.com/
Submission: On November 13 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 26 HTTP transactions. The main IP is 2606:4700:30::6818:79cf, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is hotelromanonegombo.com.
This is the only time hotelromanonegombo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:30:... 13335 (CLOUDFLAR...)
1 104.20.2.47 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.20.3.47 13335 (CLOUDFLAR...)
26 12
2    2606:4700:30::6818:79cf (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
hotelromanonegombo.com
1    2a00:1450:4001:821::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    2606:4700::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
5    2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
5    2606:4700:30::6818:78cf (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
hotelromanonegombo.com
1    104.20.2.47 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.statcounter.com
2    2a00:1450:4001:821::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
1    2a00:1450:4001:817::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
1    2a00:1450:4001:806::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
4    2a00:1450:4001:814::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
1    104.20.3.47 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
c.statcounter.com
Domain Requested by
7 hotelromanonegombo.com hotelromanonegombo.com
5 pagead2.googlesyndication.com hotelromanonegombo.com
pagead2.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 cdnjs.cloudflare.com hotelromanonegombo.com
2 fonts.gstatic.com hotelromanonegombo.com
1 c.statcounter.com hotelromanonegombo.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.statcounter.com hotelromanonegombo.com
1 fonts.googleapis.com hotelromanonegombo.com
26 10
Subject Issuer Validity Valid
*.googleapis.com
Google Internet Authority G3		 2018-10-23 -
2019-01-15		 3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-09-22 -
2019-03-31		 6 months crt.sh
*.statcounter.com
Go Daddy Secure Certificate Authority - G2		 2018-01-16 -
2019-01-17		 a year crt.sh
*.google.com
Google Internet Authority G3		 2018-10-23 -
2019-01-15		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-10-30 -
2019-01-22		 3 months crt.sh

This page contains 6 frames:

Primary Page: http://hotelromanonegombo.com/
Frame ID: B9B3CD02E251848A3C2D61B87FD052B8
Requests: 21 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20181107/r20180604/show_ads_impl.js
Frame ID: A494B0A62BE7D79E9C71866B899E2D57
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20181107/r20180604/zrt_lookup.html
Frame ID: 6319DE22321D540195AEDF7EA5CB669E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7885397051315846&output=html&h=90&slotname=7440010011&adk=3407547372&adf=2889041356&w=980&fwrn=4&fwrnh=100&lmt=1542144828&rafmt=1&guci=1.2.0.0.2.2.0.0&format=980x90&url=http%3A%2F%2Fhotelromanonegombo.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1542144828017&bpp=12&bdt=75&fdt=84&idt=78&shv=r20181107&cbv=r20180604&saldr=aa&abxe=1&correlator=2126422969306&frm=20&pv=2&ga_vid=1273163445.1542144828&ga_sid=1542144828&ga_hid=1604162783&ga_fc=0&iag=0&icsg=2731&dssz=10&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=303&ady=91&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21061795&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&uci=1.mejqxrnn6ept&fsb=1&xpc=MnWkPvOK55&p=http%3A//hotelromanonegombo.com&dtd=124
Frame ID: DC00806EF513D0513AA47345BA610CF0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20181107/r20180604/zrt_lookup.html
Frame ID: 8D9D02CBE008AD529A323EE5D1441F8A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7885397051315846&output=html&h=600&slotname=7440010011&adk=1510339672&adf=1061722682&w=300&fwrn=4&fwrnh=100&lmt=1542144828&rafmt=4&guci=1.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fhotelromanonegombo.com%2F&flash=0&fwr=0&resp_fmts=4&wgl=1&adsid=NT&dt=1542144828030&bpp=4&bdt=87&fdt=158&idt=65&shv=r20181107&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=980x90&correlator=2126422969306&frm=20&pv=1&ga_vid=1273163445.1542144828&ga_sid=1542144828&ga_hid=1604162783&ga_fc=0&iag=0&icsg=11186172&dssz=18&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=983&ady=411&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21061795&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&uci=2.irsgaffjassb&fsb=1&xpc=Il1bSWCwu5&p=http%3A//hotelromanonegombo.com&dtd=163
Frame ID: 6B57CFB6A2A1FEACBC830BFCF718C3A4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 50%
Detected patterns
  • env /^head$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

26
Requests

58 %
HTTPS

83 %
IPv6

9
Domains

10
Subdomains

12
IPs

2
Countries

390 kB
Transfer

926 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
hotelromanonegombo.com/ 		54 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://hotelromanonegombo.com/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:79cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6bec54485421306b16fb80a5acd79009878f421d12ba95494e8a70a48ce914

Request headers

Host
hotelromanonegombo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 21:33:47 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=df034786604f228bf5c561a888616e8501542144827; expires=Wed, 13-Nov-19 21:33:47 GMT; path=/; domain=.hotelromanonegombo.com; HttpOnly
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
47945bd100cd639d-FRA
Content-Encoding
gzip
css
fonts.googleapis.com/ 		2 KB
599 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Quicksand:regular,700
Requested by
Host: hotelromanonegombo.com
URL: http://hotelromanonegombo.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
988ee4f9bf4cd8b3a001ce7dd3acead38d2406daf6cc18f8b2ecf4a83048c433
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hotelromanonegombo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Tue, 13 Nov 2018 21:33:47 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 13 Nov 2018 21:33:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Tue, 13 Nov 2018 21:33:47 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: hotelromanonegombo.com
URL: http://hotelromanonegombo.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://hotelromanonegombo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 13 Nov 2018 21:33:47 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.001
last-modified
Thu, 17 May 2018 09:19:53 GMT
server
cloudflare
etag
W/"5afd4939-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
47945bd6ab5b97aa-FRA
expires
Sun, 03 Nov 2019 21:33:47 GMT
style.css
hotelromanonegombo.com/themes/darkblue/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://hotelromanonegombo.com/themes/darkblue/style.css
Requested by
Host: hotelromanonegombo.com
URL: http://hotelromanonegombo.com/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:79cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c30cc70eedddfb566bfdd8a34d79dd885b15e0d1b540fc7d8b00266176b5dd45

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hotelromanonegombo.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://hotelromanonegombo.com/
Cookie
__cfduid=df034786604f228bf5c561a888616e8501542144827
Connection
keep-alive
Cache-Control
no-cache
Referer
http://hotelromanonegombo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 21:33:47 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sun, 11 Nov 2018 17:57:51 GMT
Server
cloudflare
ETag
"4ef4-57a6752af65c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
47945bd6a314639d-FRA
Content-Length
4366
Expires
Wed, 14 Nov 2018 01:33:47 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: hotelromanonegombo.com
URL: http://hotelromanonegombo.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
470b876329d335901da958d27bf65b47e0fea98c37c728d600d1bf17b26fff59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hotelromanonegombo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Tue, 13 Nov 2018 21:33:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
17385486627057528239
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
27971
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Nov 2018 21:33:47 GMT
jquery.min.js
hotelromanonegombo.com/assets/public/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://hotelromanonegombo.com/assets/public/js/jquery.min.js
Requested by
Host: hotelromanonegombo.com
URL: http://hotelromanonegombo.com/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:78cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hotelromanonegombo.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://hotelromanonegombo.com/
Cookie
__cfduid=df034786604f228bf5c561a888616e8501542144827
Connection
keep-alive
Cache-Control
no-cache
Referer
http://hotelromanonegombo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 21:33:47 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 13 Sep 2018 07:55:50 GMT
Server
cloudflare
ETag
"1538f-575bc09118d80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
47945bd6b7c997a4-FRA
Content-Length
30307
Expires
Wed, 14 Nov 2018 01:33:47 GMT
imagesloaded.pkgd.min.js
hotelromanonegombo.com/themes/darkblue/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://hotelromanonegombo.com/themes/darkblue/assets/js/imagesloaded.pkgd.min.js
Requested by
Host: hotelromanonegombo.com
URL: http://hotelromanonegombo.com/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:78cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hotelromanonegombo.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://hotelromanonegombo.com/
Cookie
__cfduid=df034786604f228bf5c561a888616e8501542144827
Connection
keep-alive
Cache-Control
no-cache
Referer
http://hotelromanonegombo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 21:33:47 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 13 Sep 2018 07:55:50 GMT
Server
cloudflare
ETag
"15da-575bc09118d80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
47945bd6b2fb97b6-FRA
Content-Length
1810
Expires
Wed, 14 Nov 2018 01:33:47 GMT
isotope.pkgd.min.js
hotelromanonegombo.com/themes/darkblue/assets/js/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://hotelromanonegombo.com/themes/darkblue/assets/js/isotope.pkgd.min.js
Requested by
Host: hotelromanonegombo.com
URL: http://hotelromanonegombo.com/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:78cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hotelromanonegombo.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://hotelromanonegombo.com/
Cookie
__cfduid=df034786604f228bf5c561a888616e8501542144827
Connection
keep-alive
Cache-Control
no-cache
Referer
http://hotelromanonegombo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 21:33:47 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 13 Sep 2018 07:55:50 GMT
Server
cloudflare
ETag
"8a75-575bc09118d80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
47945bd6b658979e-FRA
Content-Length
9847
Expires
Wed, 14 Nov 2018 01:33:47 GMT
jquery.fitvids.js
hotelromanonegombo.com/themes/darkblue/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://hotelromanonegombo.com/themes/darkblue/assets/js/jquery.fitvids.js
Requested by
Host: hotelromanonegombo.com
URL: http://hotelromanonegombo.com/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:78cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hotelromanonegombo.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://hotelromanonegombo.com/
Cookie
__cfduid=df034786604f228bf5c561a888616e8501542144827
Connection
keep-alive
Cache-Control
no-cache
Referer
http://hotelromanonegombo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 21:33:47 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 13 Sep 2018 07:55:50 GMT
Server
cloudflare
ETag
"d16-575bc09118d80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
47945bd6b71abf25-FRA
Content-Length
1342
Expires
Wed, 14 Nov 2018 01:33:47 GMT
scripts.js
hotelromanonegombo.com/themes/darkblue/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://hotelromanonegombo.com/themes/darkblue/assets/js/scripts.js
Requested by
Host: hotelromanonegombo.com
URL: http://hotelromanonegombo.com/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:78cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
66bece36ec74a500770cd433a2a1d92ed652c03505aee4b20a988e15d96ac3eb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
hotelromanonegombo.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://hotelromanonegombo.com/
Cookie
__cfduid=df034786604f228bf5c561a888616e8501542144827
Connection
keep-alive
Cache-Control
no-cache
Referer
http://hotelromanonegombo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 21:33:47 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 13 Sep 2018 07:55:50 GMT
Server
cloudflare
ETag
"17e5-575bc09118d80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
47945bd6b6d4c297-FRA
Content-Length
1735
Expires
Wed, 14 Nov 2018 01:33:47 GMT
counter.js
www.statcounter.com/counter/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: hotelromanonegombo.com
URL: http://hotelromanonegombo.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.20.2.47 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
03da92f035c699a414e7379fc4e431b20d29e4901ed6b1172eb30f2d7308c2ca

Request headers

Referer
http://hotelromanonegombo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 13 Nov 2018 21:33:48 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 28 Apr 2017 13:36:00 GMT
server
cloudflare
etag
W/"59034540-7083"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=43200
cf-ray
47945bd70876c288-FRA
expires
Wed, 14 Nov 2018 09:33:48 GMT
6xKodSZaM9iE8KbpRA_pkHEYT8L_FYzokA.woff2
fonts.gstatic.com/s/quicksand/v8/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v8/6xKodSZaM9iE8KbpRA_pkHEYT8L_FYzokA.woff2
Requested by
Host: hotelromanonegombo.com
URL: http://hotelromanonegombo.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ff81460517b83711068fc195f9909664a40de558930d7bc45509b57fc270dbad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Quicksand:regular,700
Origin
http://hotelromanonegombo.com

Response headers

date
Tue, 13 Nov 2018 03:37:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Oct 2018 20:50:13 GMT
server
sffe
age
64587
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
12736
x-xss-protection
1; mode=block
expires
Wed, 13 Nov 2019 03:37:20 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: hotelromanonegombo.com
URL: http://hotelromanonegombo.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
http://hotelromanonegombo.com

Response headers

date
Tue, 13 Nov 2018 21:33:48 GMT
vary
Accept-Encoding
cf-cache-status
MISS
status
200
content-length
77160
served-in-seconds
0.045
last-modified
Thu, 17 May 2018 09:19:12 GMT
server
cloudflare
etag
"5afd4910-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
47945bd74feac2ce-FRA
expires
Sun, 03 Nov 2019 21:33:48 GMT
6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
fonts.gstatic.com/s/quicksand/v8/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v8/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
Requested by
Host: hotelromanonegombo.com
URL: http://hotelromanonegombo.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
477d1b38d53ab3df4d259898b74cbd6d9aca136f074a901d3458edcaf7ff7a09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Quicksand:regular,700
Origin
http://hotelromanonegombo.com

Response headers

date
Tue, 13 Nov 2018 21:04:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Oct 2018 20:50:42 GMT
server
sffe
age
1765
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13596
x-xss-protection
1; mode=block
expires
Wed, 13 Nov 2019 21:04:22 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hotelromanonegombo.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hotelromanonegombo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Nov 2018 21:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hotelromanonegombo.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hotelromanonegombo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Nov 2018 21:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20181107/r20180604/ 		202 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20181107/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
018fef2e506a43e4e4bc352313337395c5eeead911c0111dd104d1d09a4a7fb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hotelromanonegombo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Tue, 13 Nov 2018 21:33:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
17943046364960054484
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
76460
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Nov 2018 21:33:48 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20181107/r20180604/ Frame A494 		202 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20181107/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
018fef2e506a43e4e4bc352313337395c5eeead911c0111dd104d1d09a4a7fb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hotelromanonegombo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Tue, 13 Nov 2018 21:33:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
17943046364960054484
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
76460
X-XSS-Protection
1; mode=block
Expires
Tue, 13 Nov 2018 21:33:48 GMT
ca-pub-7885397051315846.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		133 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7885397051315846.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hotelromanonegombo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 13 Nov 2018 15:24:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Nov 2018 23:49:22 GMT
server
sffe
age
22149
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
125
x-xss-protection
1; mode=block
expires
Wed, 14 Nov 2018 03:24:39 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20181107/r20180604/ Frame 6319 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20181107/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20181107/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://hotelromanonegombo.com/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://hotelromanonegombo.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 07 Nov 2018 14:11:33 GMT
expires
Wed, 21 Nov 2018 14:11:33 GMT
content-type
text/html; charset=UTF-8
etag
12810928231326100212
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6940
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
544935
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
ads
googleads.g.doubleclick.net/pagead/ Frame DC00 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7885397051315846&output=html&h=90&slotname=7440010011&adk=3407547372&adf=2889041356&w=980&fwrn=4&fwrnh=100&lmt=1542144828&rafmt=1&guci=1.2.0.0.2.2.0.0&format=980x90&url=http%3A%2F%2Fhotelromanonegombo.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1542144828017&bpp=12&bdt=75&fdt=84&idt=78&shv=r20181107&cbv=r20180604&saldr=aa&abxe=1&correlator=2126422969306&frm=20&pv=2&ga_vid=1273163445.1542144828&ga_sid=1542144828&ga_hid=1604162783&ga_fc=0&iag=0&icsg=2731&dssz=10&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=303&ady=91&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21061795&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&uci=1.mejqxrnn6ept&fsb=1&xpc=MnWkPvOK55&p=http%3A//hotelromanonegombo.com&dtd=124
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181107/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7885397051315846&output=html&h=90&slotname=7440010011&adk=3407547372&adf=2889041356&w=980&fwrn=4&fwrnh=100&lmt=1542144828&rafmt=1&guci=1.2.0.0.2.2.0.0&format=980x90&url=http%3A%2F%2Fhotelromanonegombo.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1542144828017&bpp=12&bdt=75&fdt=84&idt=78&shv=r20181107&cbv=r20180604&saldr=aa&abxe=1&correlator=2126422969306&frm=20&pv=2&ga_vid=1273163445.1542144828&ga_sid=1542144828&ga_hid=1604162783&ga_fc=0&iag=0&icsg=2731&dssz=10&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=303&ady=91&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21061795&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&uci=1.mejqxrnn6ept&fsb=1&xpc=MnWkPvOK55&p=http%3A//hotelromanonegombo.com&dtd=124
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://hotelromanonegombo.com/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://hotelromanonegombo.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 13 Nov 2018 21:33:48 GMT
server
cafe
cache-control
private
content-length
386
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Tue, 13-Nov-2018 21:48:48 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Tue, 13 Nov 2018 21:33:48 GMT
osd.js
pagead2.googlesyndication.com/pagead/js/r20181107/r20100101/ 		74 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20181107/r20100101/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181107/r20180604/show_ads_impl.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e9cf77edb95978fa6b193724ee40fde091368427e030fed8735cdef6b1a35535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hotelromanonegombo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 11 Nov 2018 14:41:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197562
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
27460
x-xss-protection
1; mode=block
server
cafe
etag
5000825381819961729
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Nov 2018 14:41:06 GMT
t.php
c.statcounter.com/ 		49 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://c.statcounter.com/t.php?sc_project=11872259&java=1&security=ab0cdc1d&u1=467B944679AC4FFBE2DB64089166546F&sc_random=0.31213708235306226&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//hotelromanonegombo.com/&t=600M.%20Pillar%20Homes.%20White%20Granite%20Kitchen.%20Faux%20Marble%20Coffee%20Table.%20Bedroom%20Tables.%20Tall%20Bistro%20Table.%20Milano%20Doors.%20Dining%20Room%20Table%20Height.%20Fruitless%20Olive%20Trees.%20Charleston%20Green.%20Blue%20And%20White%20Plates.%20Round%20Shelves.%20Foyer%20Mirrors.%20Concrete%20Backyard.%20Pit%20Group.%20Esplanade%20Furniture.%20Granite%20Edg&sc_snum=1&sess=7a9eb4&p=0&invisible=1
Requested by
Host: hotelromanonegombo.com
URL: http://hotelromanonegombo.com/
Protocol
HTTP/1.1
Server
104.20.3.47 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
http://hotelromanonegombo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 21:33:48 GMT
Server
cloudflare
P3P
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
Content-Type
image/gif
Connection
keep-alive
CF-RAY
47945bd8552b9aca-FRA
Content-Length
49
Expires
Mon, 26 Jul 1997 05:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20181107/r20180604/ Frame 8D9D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20181107/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20181107/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://hotelromanonegombo.com/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://hotelromanonegombo.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 07 Nov 2018 14:11:33 GMT
expires
Wed, 21 Nov 2018 14:11:33 GMT
content-type
text/html; charset=UTF-8
etag
12810928231326100212
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6940
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
544935
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
ads
googleads.g.doubleclick.net/pagead/ Frame 6B57 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7885397051315846&output=html&h=600&slotname=7440010011&adk=1510339672&adf=1061722682&w=300&fwrn=4&fwrnh=100&lmt=1542144828&rafmt=4&guci=1.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fhotelromanonegombo.com%2F&flash=0&fwr=0&resp_fmts=4&wgl=1&adsid=NT&dt=1542144828030&bpp=4&bdt=87&fdt=158&idt=65&shv=r20181107&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=980x90&correlator=2126422969306&frm=20&pv=1&ga_vid=1273163445.1542144828&ga_sid=1542144828&ga_hid=1604162783&ga_fc=0&iag=0&icsg=11186172&dssz=18&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=983&ady=411&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21061795&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&uci=2.irsgaffjassb&fsb=1&xpc=Il1bSWCwu5&p=http%3A//hotelromanonegombo.com&dtd=163
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181107/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7885397051315846&output=html&h=600&slotname=7440010011&adk=1510339672&adf=1061722682&w=300&fwrn=4&fwrnh=100&lmt=1542144828&rafmt=4&guci=1.2.0.0.2.2.0.0&format=300x600&url=http%3A%2F%2Fhotelromanonegombo.com%2F&flash=0&fwr=0&resp_fmts=4&wgl=1&adsid=NT&dt=1542144828030&bpp=4&bdt=87&fdt=158&idt=65&shv=r20181107&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=980x90&correlator=2126422969306&frm=20&pv=1&ga_vid=1273163445.1542144828&ga_sid=1542144828&ga_hid=1604162783&ga_fc=0&iag=0&icsg=11186172&dssz=18&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=983&ady=411&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21061795&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&uci=2.irsgaffjassb&fsb=1&xpc=Il1bSWCwu5&p=http%3A//hotelromanonegombo.com&dtd=163
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://hotelromanonegombo.com/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://hotelromanonegombo.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 13 Nov 2018 21:33:48 GMT
server
cafe
cache-control
private
content-length
383
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Tue, 13-Nov-2018 21:48:48 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Tue, 13 Nov 2018 21:33:48 GMT
fuckadblock.min.js
cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js
Requested by
Host: hotelromanonegombo.com
URL: http://hotelromanonegombo.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://hotelromanonegombo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 13 Nov 2018 21:33:48 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.001
last-modified
Thu, 17 May 2018 09:19:19 GMT
server
cloudflare
etag
W/"5afd4917-1285"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
47945bd84c7697aa-FRA
expires
Sun, 03 Nov 2019 21:33:48 GMT

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| img_error object| adsbygoogle object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map object| google_t12n_vars object| ae function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| $ function| jQuery function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| center_popup number| sc_project number| sc_invisible string| sc_security number| sc_width number| sc_height string| sc_referer number| sc_unique number| sc_returning number| sc_returns number| sc_error number| sc_remove number| sc_cls number| sc_inv string| sc_os string| sc_title string| sc_url string| sc_base_dir string| sc_click_dir string| sc_link_back_start string| sc_link_back_end string| sc_security_code string| sc_http_url string| sc_host string| sc_dc string| sc_alt_text string| sc_counter_size number| sc_prerendering string| sc_uuid string| sc_uuid_q string| sc_unique_returning string| sc_sp function| _sc_strip_tags function| _sc_sanitiseTags function| _sc_validateTags function| getTagString function| isValidEventName undefined| _statcounter_pending object| _statcounter number| sc_script_num object| _sc_imgs string| sc_pageview_tag_string number| _sc_project_int boolean| _sc_apply_mar_2017_fixes number| clickstat_done number| clickstat_project string| clickstat_security string| dlext string| ltype string| second object| dl object| lnk object| domsec string| host_name object| host_splitted string| domain string| host_split string| lnklocal_mask object| lnklocal object| anchors object| anchor undefined| original_click undefined| s undefined| bs undefined| head undefined| ps undefined| pe undefined| params undefined| plist undefined| body undefined| insert undefined| final_body undefined| ev_head undefined| ev_params undefined| ev_sep undefined| sc_i undefined| ev_foot undefined| ev_final string| sc_gsyn_pattern string| sc_gsyn_pattern2 undefined| sc_px undefined| sc_py undefined| sc_existing function| sc_none function| sc_delay function| sc_clickstat_call function| sc_adsense_click function| sc_adsense_init function| sc_getmouse function| sc_findy function| sc_findx function| sc_exitpage string| sc_doc_loc object| myRE object| sc_date number| sc_time number| sc_time_difference string| cookie_value object| expiration number| sc_call function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| FuckAdBlock object| fuckAdBlock

3 Cookies

Domain/Path Name / Value
.hotelromanonegombo.com/ Name: sc_is_visitor_unique
Value: rx11872259.1542144828.467B944679AC4FFBE2DB64089166546F.1.1.1.1.1.1.1.1.1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.hotelromanonegombo.com/ Name: __cfduid
Value: df034786604f228bf5c561a888616e8501542144827

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c.statcounter.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hotelromanonegombo.com
pagead2.googlesyndication.com
www.statcounter.com
104.20.2.47
104.20.3.47
2606:4700:30::6818:78cf
2606:4700:30::6818:79cf
2606:4700::6813:c497
2606:4700::6813:c697
2a00:1450:4001:806::2002
2a00:1450:4001:814::2002
2a00:1450:4001:816::2002
2a00:1450:4001:817::2002
2a00:1450:4001:821::2003
2a00:1450:4001:821::200a
018fef2e506a43e4e4bc352313337395c5eeead911c0111dd104d1d09a4a7fb9
03da92f035c699a414e7379fc4e431b20d29e4901ed6b1172eb30f2d7308c2ca
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
470b876329d335901da958d27bf65b47e0fea98c37c728d600d1bf17b26fff59
477d1b38d53ab3df4d259898b74cbd6d9aca136f074a901d3458edcaf7ff7a09
66bece36ec74a500770cd433a2a1d92ed652c03505aee4b20a988e15d96ac3eb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c6bec54485421306b16fb80a5acd79009878f421d12ba95494e8a70a48ce914
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
988ee4f9bf4cd8b3a001ce7dd3acead38d2406daf6cc18f8b2ecf4a83048c433
c30cc70eedddfb566bfdd8a34d79dd885b15e0d1b540fc7d8b00266176b5dd45
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
e9cf77edb95978fa6b193724ee40fde091368427e030fed8735cdef6b1a35535
ff81460517b83711068fc195f9909664a40de558930d7bc45509b57fc270dbad