urlscan.io logo urlscan.io
SecurityTrails logo

creekcanvas77.werite.net Open in urlscan Pro
157.245.145.14  Public Scan

Go To Rescan Add Verdict Report
URL: https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D...
Submission: On November 14 via manual from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 37 HTTP transactions. The main IP is 157.245.145.14, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is creekcanvas77.werite.net.
TLS certificate: Issued by R3 on September 9th 2021. Valid for: 3 months.
This is the only time creekcanvas77.werite.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

16    157.245.145.14 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
creekcanvas77.werite.net
1    104.21.33.137 (None, )

ASN13335 (CLOUDFLARENET, US)
turkeywiz.com
1    2600:9000:2156:9800:0:5a51:64c9:c681 (United States)

ASN16509 (AMAZON-02, US)
live.staticflickr.com
1    2606:4700:3037::6815:393e (United States)

ASN13335 (CLOUDFLARENET, US)
www.doctorlive.news
1    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
lookaside.fbsbx.com
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
9    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:82f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Domain Requested by
16 creekcanvas77.werite.net creekcanvas77.werite.net
9 www.youtube.com creekcanvas77.werite.net
www.youtube.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 www.facebook.com 1 redirects creekcanvas77.werite.net
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 lookaside.fbsbx.com 1 redirects
1 www.doctorlive.news creekcanvas77.werite.net
1 live.staticflickr.com creekcanvas77.werite.net
1 turkeywiz.com creekcanvas77.werite.net
37 14

This site contains links to these domains. Also see Links.

Domain
pastelink.net
themes.dotaddict.org
davidyim.com
validator.w3.org
jigsaw.w3.org
dotclear.org
Subject Issuer Validity Valid
werite.net
R3		 2021-09-09 -
2021-12-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-17 -
2022-06-16		 a year crt.sh
static.flickr.com
Amazon		 2021-02-11 -
2022-03-12		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
Frame ID: E4C34839F6C2B245212F3071E774EAF7
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/oW_gD8MVOqM
Frame ID: D252536A46AD0F8B6EB34610C5A67629
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Not known Facts About تعرف على تكاليف زراعة الشعر في مصر وأسباب اختلافها من مركز - Wiggins Talley

Page Statistics

37
Requests

95 %
HTTPS

86 %
IPv6

12
Domains

14
Subdomains

14
IPs

4
Countries

1076 kB
Transfer

3080 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=991268194705366 HTTP 302
  • https://www.facebook.com/HairTransplantationEgypt/photos/a.271939216638271/991268194705366/?type=3&is_lookaside=1 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2FHairTransplantationEgypt%2Fphotos%2Fa.271939216638271%2F991268194705366%2F%3Ftype%3D3%26is_lookaside%3D1
Request Chain 25
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-...
creekcanvas77.werite.net/post/2021/11/14/ 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d5021fd740395622e3b222b454d0cd731f5a689c9c2fb8c0e85c9ab80eb74441

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Sun, 14 Nov 2021 05:32:44 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
4355
Connection
keep-alive
X-Pingback
https://creekcanvas77.werite.net/xmlrpc/creekcanvas77
Link
<https://creekcanvas77.werite.net/webmention>; rel="webmention"
Last-Modified
Sun, 14 Nov 2021 05:23:04 GMT
Cache-Control
must-revalidate, max-age=0
Pragma
ETag
"f4aeabd16ef2a52af5f0c1c89c45470d-gzip"
Vary
Accept-Encoding
Content-Encoding
gzip
style.css
creekcanvas77.werite.net/themes/blueairmessage/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://creekcanvas77.werite.net/themes/blueairmessage/style.css
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3eeaaf5ccda733804bc21ad573627aa04f990aa6902889be9c5ce45b1d706a32

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 05:32:45 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 May 2019 07:43:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"37f5-5880b06184a29-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3270
/
creekcanvas77.werite.net/ 		132 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creekcanvas77.werite.net/?pf=jquery/2.2.4/jquery.js
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
566c5ae022adec5ee880397d01ca1605043c0d75a3278df292c8d1ccef20d2ff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
Date
Sun, 14 Nov 2021 05:32:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 May 2019 20:33:57 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
must-revalidate, max-age=604800
Connection
keep-alive
Content-Length
38379
/
creekcanvas77.werite.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creekcanvas77.werite.net/?pf=jquery/2.2.4/jquery.cookie.js
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e30a48a7615ba27b3d0f38babb6462da2e80f208d98b2baf8f6764b00f2a4066

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
Date
Sun, 14 Nov 2021 05:32:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 May 2019 20:33:57 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
must-revalidate, max-age=604800
Connection
keep-alive
Content-Length
814
780.css
creekcanvas77.werite.net/themes/blueairmessage/css/ 		948 B
798 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://creekcanvas77.werite.net/themes/blueairmessage/css/780.css
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b6475e76b7082f7b9374473b0a84edae09ae810670770166fd3098d56ff84b2d

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 05:32:45 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 May 2019 07:43:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"3b4-5880b06183a89-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
495
/
creekcanvas77.werite.net/ 		1 KB
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://creekcanvas77.werite.net/?pf=post.js
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6c4fce889b2f4febda3abe2fd4c947d7a1eec38b53542a0ef404e52fec2bfde9

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
Date
Sun, 14 Nov 2021 05:32:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 May 2019 20:33:57 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
must-revalidate, max-age=604800
Connection
keep-alive
Content-Length
537
%D9%82%D8%A8%D9%84-%D9%88%D8%A8%D8%B9%D8%AF-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1.jpg
turkeywiz.com/wp-content/uploads/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://turkeywiz.com/wp-content/uploads/%D9%82%D8%A8%D9%84-%D9%88%D8%A8%D8%B9%D8%AF-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1.jpg
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.33.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WooCloud
Resource Hash
0c21398d80c60d92bfc6ba5b816ea0d240067180436528121a698c2922266d6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 05:32:45 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
WooCloud
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5uBKhcbtr2j8syHqGS4trSDBsxsBVP2PQRbfhm8QzurrneQ7GeNzCgP1Q2QGCyf73SP7J0sR6hfRRF2m0QsgEEEpSelB72pmiY3qBXADkOGJoUOfNeCtFVUNIcB%2FDTS"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23872
x-xss-protection
1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Fri, 02 Apr 2021 06:33:19 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"6066baaf-5d40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6adddc72cd160f66-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
31718333751_7d7c7eac6a_n.jpg
live.staticflickr.com/455/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.staticflickr.com/455/31718333751_7d7c7eac6a_n.jpg
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9800:0:5a51:64c9:c681 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jubilee /
Resource Hash
46bd9cef892ce850f964eb6468225664d666b6b83e0f463d76007c9f44eba039
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 05:32:46 GMT
via
1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
mib
2
x-ttfb
0.1046
surrogate-control
public, max-age=31536000
ourvalues
Grow Together (#1 of 5)
x-cache
Miss from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
streaming
false
edge-control
public, max-age=31536000
last-modified
Mon, 18 Mar 2019 17:05:28 GMT
imageheight
272
powered-by
Mutation/1.0
imagewidth
320
x-ttdb-l
30331
x-request-id
eae2292b
x-ua-compatible
IE=edge
x-env
a=live, b=jubilee, c=4cf206a9, e=5017319cdd8b6f0e8ca83f5d61e011f0dc7d4baa
server
Jubilee
etag
"cd3acb4492a6dfe1b7ff51590bf43970.1"
x-frame-options
DENY
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50-C1
hiring
Change the world of photography with us. https://www.flickr.com/jobs/
origintype
D
x-amz-cf-id
yiGSrzWgCeL0djgyUUUXSZ2ZqTOwEQJXKmrXkg0pEQM6aSB09eF46g==
quote
"I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
expires
Mon, 14 Nov 2022 05:32:46 GMT
3383.jpg
www.doctorlive.news/UserFiles/NewsSizes/600/2019/11/28/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.doctorlive.news/UserFiles/NewsSizes/600/2019/11/28/3383.jpg?210110182900
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:393e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
399f36166e0bbc346761a1270807d49c4be4d99c87f6f218443d7373de5ad675

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 05:32:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24812
last-modified
Mon, 19 Jul 2021 07:40:30 GMT
server
cloudflare
etag
"c114ba59717cd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjBqcXYXaixfLlk8y6imLGabe4%2BPYeUU5CPdn4tRsMIfmVr%2BnEKbVfa1g98j898xeLF%2F%2BPeq9cOPMt1Af4kT1DzmZcvGkQlEI%2FC7v%2F6oCpGBSszUBuy5J1CQ4HYHRsiNo8u8oJDcLf9OyY2herxdNnGD"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6adddc73ee3a3761-MXP
/
www.facebook.com/login/
Redirect Chain
  • https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=991268194705366
  • https://www.facebook.com/HairTransplantationEgypt/photos/a.271939216638271/991268194705366/?type=3&is_lookaside=1
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2FHairTransplantationEgypt%2Fphotos%2Fa.271939216638271%2F991268194705366%2F%3Ftype%3D3%26is_lookaside%3D1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2FHairTransplantationEgypt%2Fphotos%2Fa.271939216638271%2F991268194705366%2F%3Ftype%3D3%26is_lookaside%3D1
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
Protocol
H2
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://api.mapbox.com https://*.tiles.mapbox.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net *.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options
nosniff
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://api.mapbox.com https://*.tiles.mapbox.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net *.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
qG2kfmIhCipVygR2V15y8l18lXz+/wuH0kV/ffRGUK9YrsEvXra7MueMjSrP9Yy6+/3l8mgI6KtyqvkDT8r5SQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 14 Nov 2021 05:32:46 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2FHairTransplantationEgypt%2Fphotos%2Fa.271939216638271%2F991268194705366%2F%3Ftype%3D3%26is_lookaside%3D1
cache-control
private, no-cache, no-store, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
creekcanvas77.werite.net/ 		636 B
675 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://creekcanvas77.werite.net/?pf=print.css
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
81893bc286061656942b0c574c32652ce7f70b729488a8929fc1613ea4da8cc8

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
Date
Sun, 14 Nov 2021 05:32:46 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 May 2019 20:33:57 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
must-revalidate, max-age=604800
Connection
keep-alive
Content-Length
354
oW_gD8MVOqM
www.youtube.com/embed/ Frame D252 		59 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/oW_gD8MVOqM
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/post/2021/11/14/Not-known-Facts-About-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%84%D9%89-%D8%AA%D9%83%D8%A7%D9%84%D9%8A%D9%81-%D8%B2%D8%B1%D8%A7%D8%B9%D8%A9-%D8%A7%D9%84%D8%B4%D8%B9%D8%B1-%D9%81%D9%8A-%D9%85%D8%B5%D8%B1-%D9%88%D8%A3%D8%B3%D8%A8%D8%A7%D8%A8-%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81%D9%87%D8%A7-%D9%85%D9%86-%D9%85%D8%B1%D9%83%D8%B2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b70abca1c8ccc19bce2a330da1adf78e917df094a31dabbbb683266812e39511
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 14 Nov 2021 05:32:46 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=it for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
clear
page2.png
creekcanvas77.werite.net/themes/blueairmessage/img/780/ 		297 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creekcanvas77.werite.net/themes/blueairmessage/img/780/page2.png
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/themes/blueairmessage/css/780.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
38677fe67f5ee49821805334a3dd167ca5aec7cab4d034765e9b48ff68fe60c4

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/themes/blueairmessage/css/780.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 05:32:46 GMT
Last-Modified
Sat, 04 May 2019 07:43:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"129-5880b06183a89"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
297
top_bg.png
creekcanvas77.werite.net/themes/blueairmessage/img/780/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creekcanvas77.werite.net/themes/blueairmessage/img/780/top_bg.png
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/themes/blueairmessage/css/780.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
90588bf5f1599b30d306c4393f294de5af8ebe706aea3c74defcba0f34db2f8f

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/themes/blueairmessage/css/780.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 05:32:46 GMT
Last-Modified
Sat, 04 May 2019 07:43:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"c5d-5880b06183a89"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3165
header_img.jpg
creekcanvas77.werite.net/themes/blueairmessage/img/780/ 		150 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creekcanvas77.werite.net/themes/blueairmessage/img/780/header_img.jpg
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/themes/blueairmessage/css/780.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7a0bba1cade3a43fb61eaa1c2d70159dffa82c00226daef3d2db337d32537ad0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/themes/blueairmessage/css/780.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 05:32:46 GMT
Last-Modified
Sat, 04 May 2019 07:43:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"2585a-5880b06183a89"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
153690
menu_bg.png
creekcanvas77.werite.net/themes/blueairmessage/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creekcanvas77.werite.net/themes/blueairmessage/img/menu_bg.png
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/themes/blueairmessage/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fd09ae6d12cc8f482ebf1ebe6e8315eed6ddf1905dc14ad031a83e1a0d10bd71

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/themes/blueairmessage/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 05:32:46 GMT
Last-Modified
Sat, 04 May 2019 07:43:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"c04-5880b06183a89"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3076
menu_rss2.png
creekcanvas77.werite.net/themes/blueairmessage/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creekcanvas77.werite.net/themes/blueairmessage/img/menu_rss2.png
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/themes/blueairmessage/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e329981883d14db4d0afb109ddb56b6653d42602311e842f665d310edf794fb1

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/themes/blueairmessage/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 05:32:46 GMT
Last-Modified
Sat, 04 May 2019 07:43:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"4b9-5880b06183a89"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1209
search2.png
creekcanvas77.werite.net/themes/blueairmessage/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creekcanvas77.werite.net/themes/blueairmessage/img/search2.png
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/themes/blueairmessage/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
351215345247a6d48ebc5ab0e303c8968c4a2ae5fe9ea3e7021b567169ef9f54

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/themes/blueairmessage/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 05:32:46 GMT
Last-Modified
Sat, 04 May 2019 07:43:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"4e2-5880b06183a89"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1250
rss.png
creekcanvas77.werite.net/themes/blueairmessage/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creekcanvas77.werite.net/themes/blueairmessage/img/rss.png
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/themes/blueairmessage/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
acf719b306eaf1bd73c34e2dbb13081801e7c609cfb41611f56736127f9d05ce

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/themes/blueairmessage/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 05:32:46 GMT
Last-Modified
Sat, 04 May 2019 07:43:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"c5b-5880b06183a89"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3163
link_add.png
creekcanvas77.werite.net/themes/blueairmessage/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creekcanvas77.werite.net/themes/blueairmessage/img/link_add.png
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/themes/blueairmessage/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e6b9c6090d6daf0e7220edfad37e1c7250c5487d4bae5251b9f517a4f2b391fd

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/themes/blueairmessage/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 05:32:46 GMT
Last-Modified
Sat, 04 May 2019 07:43:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"c7e-5880b06183a89"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3198
footer2.png
creekcanvas77.werite.net/themes/blueairmessage/img/780/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creekcanvas77.werite.net/themes/blueairmessage/img/780/footer2.png
Requested by
Host: creekcanvas77.werite.net
URL: https://creekcanvas77.werite.net/themes/blueairmessage/css/780.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.245.145.14 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4ee259a96784a1e5dcc9bd2c843ea0dc61d8cbc3b5e22755b9c5d56a7211a4b9

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://creekcanvas77.werite.net/themes/blueairmessage/css/780.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 05:32:47 GMT
Last-Modified
Sat, 04 May 2019 07:43:31 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"327-5880b06183a89"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
807
www-player-webp.css
www.youtube.com/s/player/8d287e4d/ Frame D252 		335 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8d287e4d/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oW_gD8MVOqM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf0536a7ccecbfef8793cfc6a61b4454864a4197992ce5ddaa014b48f72bef9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/oW_gD8MVOqM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:07:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
177891
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
47155
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 18:33:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Nov 2022 04:07:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D252 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oW_gD8MVOqM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 06:41:55 GMT
x-content-type-options
nosniff
age
255051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 06:41:55 GMT
www-embed-player.js
www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/ Frame D252 		207 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oW_gD8MVOqM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e2b9aa4773b8f1dcb906a96a08954329b86b02c1179394f52c984efbcd6ec7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/oW_gD8MVOqM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 07:25:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
79641
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
69543
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 18:33:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 13 Nov 2022 07:25:25 GMT
base.js
www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/ Frame D252 		2 MB
516 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oW_gD8MVOqM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b212f8c919e5fd63646ffe3a401c6dd2cd33d26a85f49eecb4936e3b3611ea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/oW_gD8MVOqM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:25:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
176834
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
528415
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 18:33:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Nov 2022 04:25:32 GMT
fetch-polyfill.js
www.youtube.com/s/player/8d287e4d/fetch-polyfill.vflset/ Frame D252 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8d287e4d/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oW_gD8MVOqM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/oW_gD8MVOqM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 23:29:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
21812
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
2830
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 18:33:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 13 Nov 2022 23:29:14 GMT
id
googleads.g.doubleclick.net/pagead/ Frame D252
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oW_gD8MVOqM
Protocol
H2
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d96e7932b0e7a604d1e7b31349a6ac2c0926146d80bf43f0fad4aa316a92d22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 05:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 14 Nov 2021 05:32:46 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame D252 		29 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 05:28:00 GMT
x-content-type-options
nosniff
age
286
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Nov 2021 05:43:00 GMT
remote.js
www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/ Frame D252 		94 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37aa9c8b83eeab3c01d35dbe0eabd35ead07af91d9f02339f8cd5fd4015cf87f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/oW_gD8MVOqM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 05:08:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
174227
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
29807
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 18:33:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Nov 2022 05:08:59 GMT
xP0-M-T20NOk-COIrdoYtlIgpF7MlgrVZ6LBtbxion4.js
www.google.com/js/th/ Frame D252 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/xP0-M-T20NOk-COIrdoYtlIgpF7MlgrVZ6LBtbxion4.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4fd3e33e4f6d0d3a4f82388adda18b65220a45ecc960ad567a2c1b5bc62a27e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 13:35:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
143864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13555
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Nov 2022 13:35:02 GMT
embed.js
www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/ Frame D252 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7a83886359fecfcc4ef9f909405825298106311a1f75bf2155473f9a177ef92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/oW_gD8MVOqM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:25:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
176833
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
7350
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 18:33:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Nov 2022 04:25:33 GMT
truncated
/ Frame D252 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AKedOLQnRSqkWmOENOUOyEVGa--dDlmT9XOsl29eGis2LA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D252 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLQnRSqkWmOENOUOyEVGa--dDlmT9XOsl29eGis2LA=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oW_gD8MVOqM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bd568261ee804fcd4a62a4233759a51502abc09c37f481050032180a5328d734
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 03:31:04 GMT
x-content-type-options
nosniff
age
7302
content-disposition
inline;filename="unnamed.jpg"
alt-svc
clear
content-length
2613
x-xss-protection
0
server
fife
etag
"v100"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 23 Oct 2021 04:10:36 GMT
sddefault.webp
i.ytimg.com/vi_webp/oW_gD8MVOqM/ Frame D252 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/oW_gD8MVOqM/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oW_gD8MVOqM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93f67d143bee1347be5a73a3eeb27697c2e5f363384cf9178bad6eeaf2e9167b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 05:32:46 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
34110
x-xss-protection
0
server
sffe
etag
"1598724836"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Nov 2021 07:32:46 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame D252 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/it_IT/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 05:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Nov 2021 05:32:46 GMT
generate_204
www.youtube.com/ Frame D252 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?RDzKTw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oW_gD8MVOqM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/oW_gD8MVOqM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 05:32:46 GMT
alt-svc
clear
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/89/ Frame D252 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/89/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 23:23:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
14262
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:19:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Sun, 14 Nov 2021 23:23:46 GMT
log_event
www.youtube.com/youtubei/v1/ Frame D252 		28 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/oW_gD8MVOqM
X-YouTube-Client-Version
1.20211110.01.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtVN0cwby1kQnNWRSj-vsKMBg%3D%3D
X-YouTube-Ad-Signals
dt=1636867966250&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C445%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 14 Nov 2021 05:32:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
clear
content-length
31
x-xss-protection
0
expires
Sun, 14 Nov 2021 05:32:48 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery string| post_remember_str

2 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: tM5iWbe9qwE
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: U7G0o-dBsVE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

creekcanvas77.werite.net
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
live.staticflickr.com
lookaside.fbsbx.com
static.doubleclick.net
turkeywiz.com
www.doctorlive.news
www.facebook.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.21.33.137
157.245.145.14
2600:9000:2156:9800:0:5a51:64c9:c681
2606:4700:3037::6815:393e
2a00:1450:4001:802::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:827::2006
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2016
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
0c21398d80c60d92bfc6ba5b816ea0d240067180436528121a698c2922266d6c
1e2b9aa4773b8f1dcb906a96a08954329b86b02c1179394f52c984efbcd6ec7f
351215345247a6d48ebc5ab0e303c8968c4a2ae5fe9ea3e7021b567169ef9f54
37aa9c8b83eeab3c01d35dbe0eabd35ead07af91d9f02339f8cd5fd4015cf87f
38677fe67f5ee49821805334a3dd167ca5aec7cab4d034765e9b48ff68fe60c4
399f36166e0bbc346761a1270807d49c4be4d99c87f6f218443d7373de5ad675
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eeaaf5ccda733804bc21ad573627aa04f990aa6902889be9c5ce45b1d706a32
46bd9cef892ce850f964eb6468225664d666b6b83e0f463d76007c9f44eba039
4ee259a96784a1e5dcc9bd2c843ea0dc61d8cbc3b5e22755b9c5d56a7211a4b9
566c5ae022adec5ee880397d01ca1605043c0d75a3278df292c8d1ccef20d2ff
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6c4fce889b2f4febda3abe2fd4c947d7a1eec38b53542a0ef404e52fec2bfde9
7a0bba1cade3a43fb61eaa1c2d70159dffa82c00226daef3d2db337d32537ad0
81893bc286061656942b0c574c32652ce7f70b729488a8929fc1613ea4da8cc8
8b212f8c919e5fd63646ffe3a401c6dd2cd33d26a85f49eecb4936e3b3611ea8
90588bf5f1599b30d306c4393f294de5af8ebe706aea3c74defcba0f34db2f8f
93f67d143bee1347be5a73a3eeb27697c2e5f363384cf9178bad6eeaf2e9167b
9d96e7932b0e7a604d1e7b31349a6ac2c0926146d80bf43f0fad4aa316a92d22
acf719b306eaf1bd73c34e2dbb13081801e7c609cfb41611f56736127f9d05ce
b6475e76b7082f7b9374473b0a84edae09ae810670770166fd3098d56ff84b2d
b70abca1c8ccc19bce2a330da1adf78e917df094a31dabbbb683266812e39511
bd568261ee804fcd4a62a4233759a51502abc09c37f481050032180a5328d734
bf0536a7ccecbfef8793cfc6a61b4454864a4197992ce5ddaa014b48f72bef9b
c4fd3e33e4f6d0d3a4f82388adda18b65220a45ecc960ad567a2c1b5bc62a27e
c7a83886359fecfcc4ef9f909405825298106311a1f75bf2155473f9a177ef92
d5021fd740395622e3b222b454d0cd731f5a689c9c2fb8c0e85c9ab80eb74441
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e30a48a7615ba27b3d0f38babb6462da2e80f208d98b2baf8f6764b00f2a4066
e329981883d14db4d0afb109ddb56b6653d42602311e842f665d310edf794fb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b9c6090d6daf0e7220edfad37e1c7250c5487d4bae5251b9f517a4f2b391fd
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
fd09ae6d12cc8f482ebf1ebe6e8315eed6ddf1905dc14ad031a83e1a0d10bd71