urlscan.io logo urlscan.io
SecurityTrails logo

xx.knit.bid Open in urlscan Pro
172.67.212.41  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xx.knit.bid/
Effective URL: https://xx.knit.bid/
Submission: On May 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 5 countries across 13 domains to perform 68 HTTP transactions. The main IP is 172.67.212.41, located in United States and belongs to CLOUDFLARENET, US. The main domain is xx.knit.bid.
TLS certificate: Issued by E1 on May 3rd 2024. Valid for: 3 months.
This is the only time xx.knit.bid was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 42 172.67.212.41 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.222.169.67 16509 (AMAZON-02)
1 2600:9000:266... 16509 (AMAZON-02)
3 2a02:6ea0:c70... 60068 (CDN77 _)
1 4 185.94.236.246 42567 (MOJHOST-EU)
1 2a02:6ea0:c70... 60068 (CDN77 _)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 42.193.105.3 45090 (TENCENT-N...)
2 2620:1ec:46::45 8075 (MICROSOFT...)
3 95.211.229.247 60781 (LEASEWEB-...)
1 2600:9000:25e... 16509 (AMAZON-02)
1 35.156.113.21 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 95.211.229.245 60781 (LEASEWEB-...)
1 13.32.121.81 16509 (AMAZON-02)
9 2600:9000:215... 16509 (AMAZON-02)
3 20.114.189.135 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
68 20
42    172.67.212.41 (United States)

ASN13335 (CLOUDFLARENET, US)
xx.knit.bid
xx-media.knit.bid
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.222.169.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-169-67.cdg52.r.cloudfront.net
platform-api.sharethis.com
1    2600:9000:266e:ec00:c:dd71:23c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.juicyads.com
3    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
a.magsrv.com
a.pemsrv.com
4    185.94.236.246 (Netherlands)

ASN42567 (MOJHOST-EU, NL)
poweredby.jads.co
1    2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
js.wpnsrv.com
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    42.193.105.3 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
stats.viagle.com
2    2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
3    95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
s.pemsrv.com
1    2600:9000:25e8:5000:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    35.156.113.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-113-21.eu-central-1.compute.amazonaws.com
l.sharethis.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
s.pemsrv.com
1    13.32.121.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-81.fra60.r.cloudfront.net
count-server.sharethis.com
9    2600:9000:2156:de00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-cdn.sharethis.com
3    20.114.189.135 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
v.clarity.ms
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
42 knit.bid
xx.knit.bid
xx-media.knit.bid
2 MB
13 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4480
buttons-config.sharethis.com — Cisco Umbrella Rank: 5194
l.sharethis.com — Cisco Umbrella Rank: 4832
count-server.sharethis.com — Cisco Umbrella Rank: 11173
platform-cdn.sharethis.com — Cisco Umbrella Rank: 9723
58 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743
v.clarity.ms — Cisco Umbrella Rank: 5765
c.clarity.ms — Cisco Umbrella Rank: 1385
28 KB
6 pemsrv.com
a.pemsrv.com — Cisco Umbrella Rank: 34475
s.pemsrv.com — Cisco Umbrella Rank: 25994
45 KB
4 jads.co
poweredby.jads.co — Cisco Umbrella Rank: 36498
2 KB
2 viagle.com
tianji.viagle.com Failed
stats.viagle.com
65 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 231
764 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2533
242 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 804
7 KB
1 wpnsrv.com
js.wpnsrv.com — Cisco Umbrella Rank: 131607
6 KB
1 magsrv.com
a.magsrv.com — Cisco Umbrella Rank: 13602
42 KB
1 juicyads.com
js.juicyads.com — Cisco Umbrella Rank: 50419
93 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
98 KB
68 13
Domain Requested by
30 xx.knit.bid 13 redirects xx.knit.bid
static.cloudflareinsights.com
12 xx-media.knit.bid xx.knit.bid
9 platform-cdn.sharethis.com xx.knit.bid
4 s.pemsrv.com a.pemsrv.com
4 poweredby.jads.co 1 redirects xx.knit.bid
poweredby.jads.co
3 v.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 www.clarity.ms xx.knit.bid
www.clarity.ms
2 stats.viagle.com xx.knit.bid
stats.viagle.com
2 a.pemsrv.com xx.knit.bid
1 c.bing.com 1 redirects
1 count-server.sharethis.com platform-api.sharethis.com
1 region1.google-analytics.com www.googletagmanager.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 static.cloudflareinsights.com xx.knit.bid
1 js.wpnsrv.com xx.knit.bid
1 a.magsrv.com xx.knit.bid
1 js.juicyads.com xx.knit.bid
1 platform-api.sharethis.com xx.knit.bid
1 www.googletagmanager.com xx.knit.bid
0 tianji.viagle.com Failed xx.knit.bid
68 22

This site contains links to these domains. Also see Links.

Domain
meitu.knit.bid
portrait.knit.bid
Subject Issuer Validity Valid
knit.bid
E1		 2024-05-03 -
2024-08-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
sharethis.com
Amazon RSA 2048 M03		 2024-04-19 -
2025-05-17		 a year crt.sh
*.juicyads.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-12 -
2024-06-11		 a year crt.sh
magsrv.com
R3		 2024-04-30 -
2024-07-29		 3 months crt.sh
pemsrv.com
R3		 2024-04-30 -
2024-07-29		 3 months crt.sh
1473237775.rsc.cdn77.org
R3		 2024-03-11 -
2024-06-09		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
stats.viagle.com
R3		 2024-05-05 -
2024-08-03		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.jads.co
Sectigo RSA Domain Validation Secure Server CA		 2024-01-24 -
2025-02-23		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh

This page contains 7 frames:

Primary Page: https://xx.knit.bid/
Frame ID: 57D146AFE60BDAE36E96D95A5812A7D2
Requests: 60 HTTP requests in this frame

Frame: https://xx.knit.bid/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Frame ID: 58894B3AD808DE0F4046E64CEE353B75
Requests: 2 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1032632
Frame ID: A6AF96AEDF80D53865D00557A62A370F
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1032632
Frame ID: 0E6D339A0F8953FCCAB541AECB838503
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1032726
Frame ID: 804B1F205F4C94547AED650C6341A628
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1032726
Frame ID: C98F887D637AAA071E93BCC4E53F08D4
Requests: 1 HTTP requests in this frame

Frame: https://s.pemsrv.com/iframe.php?url=H4sIAAAAAAAAA2WNy27bMBRE_0a7xLykeEkWMIruXDiVlViRXG8KPlu7okW92sTIx1ewl90NcGbO_JqmNH5arX52j2_t6c_ghkfbxdUY9TClLq2EQM.o1456FqRCLylhVCunrdKWGTQoDYjcKkDknmKwIDULXggtrFOf59EPX90aAtUOmTQGkHkSKBhQDq0x1nFJuOHojTDgFwIgDAIXXi8jAAXcqmzs5sH6xZSjFDmhWfTR3NRdcoV72byUm7Iym7JohLGi18Jsj0fW1K8ATUXm1hWHp22PTQ2v09AnVs2pdVusyZD6_mnYVKzeX.tmd5n7Nvbzgo4LOuyX5bdb67Kb4BJTPl1im.K1a2cyzi2ZRtomGLoYwW35vvvx7OKZCHr_076pr3fL_esWi2NROVdX5TP_H27x3ev3kzbNPMf.4Kk4n05Unw9VWZXhfK7qv.H7l4eHLMGaM8IJx0y_rUk2Ddr.3oWwhg80TkrFFA8WKaIMKPMckKBCS0Ju_gEEQgeO9wEAAA--
Frame ID: 5D8158E59E86EEC0EE7997445CC47E89
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

爱妹子

Page URL History Show full URLs

  1. http://xx.knit.bid/ HTTP 307
    https://xx.knit.bid/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

68
Requests

74 %
HTTPS

50 %
IPv6

13
Domains

22
Subdomains

20
IPs

5
Countries

2683 kB
Transfer

3502 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xx.knit.bid/ HTTP 307
    https://xx.knit.bid/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://poweredby.jads.co/js/jads.js HTTP 301
  • https://poweredby.jads.co/js/jads2.js
Request Chain 23
  • https://xx.knit.bid/static/images/2021/08/12/%5B%E7%BE%8E%E5%AA%9B%E9%A6%86MyGirl%5D%20Vol.519%20%E7%8E%8B%E9%A6%A8%E7%91%B6yanni/13873035654.jpg HTTP 302
  • https://xx-media.knit.bid/static/images/2021/08/12/%5B%E7%BE%8E%E5%AA%9B%E9%A6%86MyGirl%5D%20Vol.519%20%E7%8E%8B%E9%A6%A8%E7%91%B6yanni/13873035654.jpg
Request Chain 24
  • https://xx.knit.bid/static/images/2022/09/14/%E7%96%AF%E7%8C%ABSS-%E9%BB%91%E4%B8%9D%E5%A5%B3%E4%BB%86/286o1moin2nwbi.jpg HTTP 302
  • https://xx-media.knit.bid/static/images/2022/09/14/%E7%96%AF%E7%8C%ABSS-%E9%BB%91%E4%B8%9D%E5%A5%B3%E4%BB%86/286o1moin2nwbi.jpg
Request Chain 25
  • https://xx.knit.bid/static/images/2024/04/01/%E2%98%85PATREON%E2%98%85%20Sanko%20-%20Hot%20Nurse/233656bjzkjfwx6pnxj9p7.jpg HTTP 302
  • https://xx-media.knit.bid/static/images/2024/04/01/%E2%98%85PATREON%E2%98%85%20Sanko%20-%20Hot%20Nurse/233656bjzkjfwx6pnxj9p7.jpg
Request Chain 26
  • https://xx.knit.bid/static/images/2021/07/01/%5B%E7%A7%80%E4%BA%BAXIUREN%5D%20No.3197%20%E5%91%A8%E4%BA%8E%E5%B8%8CSandy%26Emily%E9%A1%BE%E5%A5%88%E5%A5%88/13715404577.jpg HTTP 302
  • https://xx-media.knit.bid/static/images/2021/07/01/%5B%E7%A7%80%E4%BA%BAXIUREN%5D%20No.3197%20%E5%91%A8%E4%BA%8E%E5%B8%8CSandy%26Emily%E9%A1%BE%E5%A5%88%E5%A5%88/13715404577.jpg
Request Chain 27
  • https://xx.knit.bid/static/images/2023/05/08/%E5%B8%83%E4%B8%81%E5%A4%A7%E6%B3%95%20-%20%E4%BC%98%E9%85%B8%E4%B9%B3/36193kbxhy5nisel.jpg HTTP 302
  • https://xx-media.knit.bid/static/images/2023/05/08/%E5%B8%83%E4%B8%81%E5%A4%A7%E6%B3%95%20-%20%E4%BC%98%E9%85%B8%E4%B9%B3/36193kbxhy5nisel.jpg
Request Chain 28
  • https://xx.knit.bid/static/images/2021/03/21/%E8%90%8C%E5%A5%88%E5%AD%90%E6%80%A7%E6%84%9F%E6%B9%BF%E8%BA%AB%E8%AF%B1%E6%83%91%E6%9E%81%E5%93%81%E5%A4%A7%E5%9C%86%E8%87%80%E4%B8%81%E5%AD%97%E8%A3%A4%E6%B3%B3%E6%B1%A0%E8%AF%B1%E6%83%91%E5%86%99%E7%9C%9F%E5%A5%97%E5%9B%BE/1616259572qBDb.jpg HTTP 302
  • https://xx-media.knit.bid/static/images/2021/03/21/%E8%90%8C%E5%A5%88%E5%AD%90%E6%80%A7%E6%84%9F%E6%B9%BF%E8%BA%AB%E8%AF%B1%E6%83%91%E6%9E%81%E5%93%81%E5%A4%A7%E5%9C%86%E8%87%80%E4%B8%81%E5%AD%97%E8%A3%A4%E6%B3%B3%E6%B1%A0%E8%AF%B1%E6%83%91%E5%86%99%E7%9C%9F%E5%A5%97%E5%9B%BE/1616259572qBDb.jpg
Request Chain 29
  • https://xx.knit.bid/static/images/2020/12/22/%5B%E5%B0%A4%E6%9E%9C%E5%9C%88%E7%88%B1%E5%B0%A4%E7%89%A9%5D%20No.1448%20%E7%90%83%E7%90%83%20%E5%B0%A4%E7%94%BB%E6%83%85%E4%BA%BA/1389f00006294ca4e0857.jpg HTTP 302
  • https://xx-media.knit.bid/static/images/2020/12/22/%5B%E5%B0%A4%E6%9E%9C%E5%9C%88%E7%88%B1%E5%B0%A4%E7%89%A9%5D%20No.1448%20%E7%90%83%E7%90%83%20%E5%B0%A4%E7%94%BB%E6%83%85%E4%BA%BA/1389f00006294ca4e0857.jpg
Request Chain 30
  • https://xx.knit.bid/static/images/20220324/27368/14642177186.jpg HTTP 302
  • https://xx-media.knit.bid/static/images/20220324/27368/14642177186.jpg
Request Chain 31
  • https://xx.knit.bid/static/images/2023/07/18/%5B%E3%83%96%E3%83%AD%E3%83%83%E3%82%B3%E3%83%AA%E3%83%BC%5D%20Nel%E5%9B%A3%E9%95%BF%C3%97%E7%89%9B%E6%9F%84%E3%83%9E%E3%82%A4%E3%82%AF%E3%83%AD%E3%83%93%E3%82%AD%E3%83%8B/6502695z0wywy2fsi.jpg HTTP 302
  • https://xx-media.knit.bid/static/images/2023/07/18/%5B%E3%83%96%E3%83%AD%E3%83%83%E3%82%B3%E3%83%AA%E3%83%BC%5D%20Nel%E5%9B%A3%E9%95%BF%C3%97%E7%89%9B%E6%9F%84%E3%83%9E%E3%82%A4%E3%82%AF%E3%83%AD%E3%83%93%E3%82%AD%E3%83%8B/6502695z0wywy2fsi.jpg
Request Chain 32
  • https://xx.knit.bid/static/images/2022/02/10/%5B%E5%B0%A4%E6%9E%9C%E5%9C%88Ugirls%5D%20No.2235%20%E5%BF%83%E8%B7%B3%E9%A2%91%E7%8E%87/14505217657.jpg HTTP 302
  • https://xx-media.knit.bid/static/images/2022/02/10/%5B%E5%B0%A4%E6%9E%9C%E5%9C%88Ugirls%5D%20No.2235%20%E5%BF%83%E8%B7%B3%E9%A2%91%E7%8E%87/14505217657.jpg
Request Chain 33
  • https://xx.knit.bid/static/images/2023/10/31/AI%20Generated%20Chapter%20274/4.jpg HTTP 302
  • https://xx-media.knit.bid/static/images/2023/10/31/AI%20Generated%20Chapter%20274/4.jpg
Request Chain 34
  • https://xx.knit.bid/static/images/2020/12/28/%5B%E7%A7%80%E4%BA%BAXiuRen%5D%20No.2506%20%E6%B2%88%E6%A2%A6%E7%91%B6/ffb0000276d1eca65266.jpg HTTP 302
  • https://xx-media.knit.bid/static/images/2020/12/28/%5B%E7%A7%80%E4%BA%BAXiuRen%5D%20No.2506%20%E6%B2%88%E6%A2%A6%E7%91%B6/ffb0000276d1eca65266.jpg
Request Chain 39
  • https://xx.knit.bid/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://xx.knit.bid/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Request Chain 63
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=BF2124B60D9742E295050797405B4607&RedC=c.clarity.ms&MXFR=30664C94B6636CF416C358E3B26362A3 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BF2124B60D9742E295050797405B4607&MUID=09E6E6FCA72B6FFB3707F28BA6406EDF

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xx.knit.bid/
Redirect Chain
  • http://xx.knit.bid/
  • https://xx.knit.bid/
35 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xx.knit.bid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edeb4f5e69102225be16d195c87c726dbdab7d97678df801b596a1b78c614ce3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=21600
cf-cache-status
DYNAMIC
cf-ray
87f8ad11cb6092bc-CPH
content-encoding
br
content-language
zh-hans
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Mon, 06 May 2024 11:37:03 GMT
expires
Mon, 06 May 2024 16:51:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BHArlUnSghpigiJljM03qRUqCT86zI47CKeit%2F0WXeBoKu0soQIbvhw4DJ5%2BDe7Qj%2FTpbIEe4kuMO5pgkNCfv0tRG3C6jHvqa7vh6h6fCp9Gb52Hho91l75WQRl0yg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
is_mobile, Accept-Language, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

Location
https://xx.knit.bid/
Non-Authoritative-Reason
HttpsUpgrades
style.css
xx.knit.bid/static/zde/css/ 		57 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xx.knit.bid/static/zde/css/style.css?v=2.0
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9c753a2dcf76bd262a75961072bd6a83569610537ab43fbda6b81c18ac675e1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xx.knit.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
402874
cf-polished
origSize=69900
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 06 Dec 2023 15:16:31 GMT
server
cloudflare
etag
W/"6570904f-1110c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0VneFTJnZ4%2FQiBX2Z1aZG9PU3qq0pUGT5zxKXT4sUts9pCxdlC8qCoKg41MSCrUwPTdCBCv7Zd1RwQeRkP35NWhJrSA61cd7xcLe8UxJkaGcBMwLRJs%2FyoEJQlK2Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
87f8ad12dcaa92bc-CPH
priority
u=0,i=?0
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.js
xx.knit.bid/static/zde/js/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xx.knit.bid/static/zde/js/jquery.js
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c75cdc4ff797e03e2dec2e779dbfdc8ad18e3cbd4043aa20c5901bcb489f2f5d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xx.knit.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413167
cf-polished
origSize=96380
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 06 Dec 2023 15:16:31 GMT
server
cloudflare
etag
W/"6570904f-1787c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lvU7DBzKeMCXQzDQSGOazSw7S4f5IBQxwAIQB%2BCmE4b0FzoG414P5k4U8NxNBqa8LDMFJwpt%2BEhLFNi2jw%2FNmnZJZTZnjRg7EUUWEwJRV7ouk1rXl0EQWe1JxPJyTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
87f8ad12dcae92bc-CPH
priority
u=1,i=?0
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
xx.knit.bid/static/zde/js/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xx.knit.bid/static/zde/js/main.js?v=2.0
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd6539c19dca3c04975ec0fb8b8abaa1f2bdad6d35316e0c525568aa0f999613

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xx.knit.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
407763
cf-polished
origSize=66442
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 06 Dec 2023 15:16:31 GMT
server
cloudflare
etag
W/"6570904f-1038a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V52c7N6COXNQZigQRGwxxpUKxuF6nHf21FQkkapRa4BZNHg7SVUUQ9VdHKPfegptgLxiDG0%2BFIAbSkB204XyL1NJT3JDai%2BQ3yy4K%2BrHIuWwfHZ6GyiHNhNMIK4fig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
87f8ad12dcaf92bc-CPH
priority
u=1,i=?0
expires
Thu, 31 Dec 2037 23:55:55 GMT
disclaimer.css
xx.knit.bid/static/zde/css/ 		1 KB
928 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xx.knit.bid/static/zde/css/disclaimer.css
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bc48ca9ade288c3eed8ac016182f00fc050049d86cf16b54e421895030ab8de

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xx.knit.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
407763
cf-polished
origSize=1595
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 03 Apr 2024 10:56:36 GMT
server
cloudflare
etag
W/"660d35e4-63b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PIn6yhBmviR5MvygQcrRYUaIUty%2FMG6HT%2B7jIf9Nr%2F289r1cwoHKUZM9vektvXt4Lv1tETcuaF34iEiZCZAPXUEMG6nRQ0LvP%2BJzNTW7nFRd%2BUhYEPhtlXbEcHMgKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
87f8ad12dcb192bc-CPH
priority
u=0,i=?0
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		288 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PEWFD7GRGP
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
915c46ecc5919ca9673fdd9d60b780676d6e574d2d7f33ae1f95da29e67eeb1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100309
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 May 2024 11:37:03 GMT
tracker.js
tianji.viagle.com/ 		0
0
sharethis.js
platform-api.sharethis.com/js/ 		206 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.169.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-67.cdg52.r.cloudfront.net
Software
/
Resource Hash
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:32:38 GMT
content-encoding
gzip
via
1.1 da68614307a40db3dcbe53959fc92288.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
CDG52-P2
age
265
etag
W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
i72xFotyb0IS8XDMAxQPng7wiDLqJZSzhgC-iOt2PPfSOodhv3zMdw==
jp.php
js.juicyads.com/ 		92 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.juicyads.com/jp.php?c=34e4x2w2u224u4q2x2744384a4&u=http%3A%2F%2Fwww.juicyads.rocks
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:ec00:c:dd71:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8708db9e4f91a7e632e39b47bc5ea2b639e97fcc06e7bdf18fcf79afdff6f4fb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
cache
date
Mon, 06 May 2024 11:33:47 GMT
via
1.1 a96420fb093cd21d1dea3700ef4d43ca.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P8
age
196
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=900
x-amz-cf-id
irjxybaoDnhpZ-qSbVnrPpDbZ03CNX1GUSr-K-CHNN4E6HXawXdwnA==
expires
Mon, 06 May 2024 11:48:47 GMT
ad-provider.js
a.magsrv.com/ 		161 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.magsrv.com/ad-provider.js
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8339d1105cfdcb822ad213c724fd2bdff27a3887df7e5ce28e801fab46e3b370

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Mon, 06 May 2024 11:37:03 GMT
content-encoding
gzip
x-77-cache
HIT
x-cache
HIT
x-age
1932
x-accel-date
1714993491
x-77-nzt
EgwBw7WvDgH3jAcAAAwBisclwQH3AwAAAA
x-accel-expires
@1715004291
x-77-age
1932
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
server
CDN77-Turbo
etag
W/"057432c37ba5cf65231392a9e07"
x-77-nzt-ray
908339300ccdafc8dfc038662ca3eb16
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10800
x-robots-tag
noindex, follow
expires
Thu, 02 May 2024 13:45:55 GMT
jads2.js
poweredby.jads.co/js/
Redirect Chain
  • https://poweredby.jads.co/js/jads.js
  • https://poweredby.jads.co/js/jads2.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/js/jads2.js
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
HTTP/1.1
Server
185.94.236.246 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Mon, 06 May 2024 11:37:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Mar 2024 21:09:33 GMT
Server
nginx
ETag
W/"65fdf38d-eae"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
close

Redirect headers

Location
jads2.js
Date
Mon, 06 May 2024 11:37:03 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
fp-interstitial.js
a.pemsrv.com/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pemsrv.com/fp-interstitial.js
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c5201467c1cef671cc4597377ae3fdb2a870317fb0ac9d09aed5abbab2263142

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Mon, 06 May 2024 11:37:03 GMT
content-encoding
gzip
x-77-cache
HIT
x-cache
HIT
x-age
3038
x-accel-date
1714992385
x-77-nzt
EgwBw7WvDgH33gsAAAwBisclxAH3EQAAAA
x-accel-expires
@1715003184
x-77-age
3038
accept-ch
server
CDN77-Turbo
etag
W/"1e07b6de299b9dd596432bfa881"
x-77-nzt-ray
908339308aca16c6dfc03866fa2ecc0f
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*, *
cache-control
max-age=10800
access-control-allow-credentials
true
x-robots-tag
noindex, follow
expires
Thu, 02 May 2024 13:45:52 GMT
pn.php
js.wpnsrv.com/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpnsrv.com/pn.php
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b5c0a71e77e127da8090462b75b686d7911e43521efc6b1e1143b34b702ef2dd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Mon, 06 May 2024 11:37:03 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
1976
x-accel-date
1714993447
x-77-nzt
EQwBnJIhiAH3uAcAAA
x-accel-expires
@1715004247
x-77-age
1976
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
server
CDN77-Turbo
etag
W/"660e525a93a5feecd899736db83"
x-77-nzt-ray
f6587a1d885ebe16dfc0386642970e10
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10800
x-robots-tag
noindex, follow
expires
Tue, 24 Oct 2023 14:40:41 GMT
imeizi.png
xx.knit.bid/static/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx.knit.bid/static/imeizi.png
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
262246c94851c15d96f64215357156c914d03972c78bad1f04c94a95fd6ce36e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xx.knit.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
400360
alt-svc
h3=":443"; ma=86400
content-length
5830
last-modified
Wed, 06 Dec 2023 15:16:31 GMT
server
cloudflare
etag
"6570904f-16c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=llHdH5LSi1KuASHvK9N6S2tEIyG9EeXX37SEGuAG%2B79TrwvLKAfeR7rQ3dCXenm%2FDuPlsgK0vBSFYEolBamCVH%2BbGh2ZtTkVmAKw4iWlvdkAVFqQR80aNQN614weXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
87f8ad12dcb492bc-CPH
priority
u=2,i
expires
Thu, 31 Dec 2037 23:55:55 GMT
hot_search.png
xx.knit.bid/static/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx.knit.bid/static/hot_search.png
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0480b6f6a36deec92f5a399314346bd87c92aff04accb105d790bf060f29bb8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xx.knit.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413167
alt-svc
h3=":443"; ma=86400
content-length
9720
last-modified
Wed, 06 Dec 2023 15:16:31 GMT
server
cloudflare
etag
"6570904f-25f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4eqbWsMmdwUk4fsyC8hOk9QnFFJkrrkOOvWILWaLi9KlGsjvlEfaXQk7jpGFXD2KI5IYl7IDyW%2FYWCgDsroIY52ZhtegHIicvKjaS4AR%2BdlZvmFqdIbQ1NviKKRe3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
87f8ad12dcb692bc-CPH
priority
u=2,i
expires
Thu, 31 Dec 2037 23:55:55 GMT
hot.png
xx.knit.bid/static/zde/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx.knit.bid/static/zde/hot.png
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47cbf32b4f3734490b2ed23721a49f9dd33918d65a748f0fe4d2d5d9698fdfb1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xx.knit.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413167
alt-svc
h3=":443"; ma=86400
content-length
6173
last-modified
Wed, 06 Dec 2023 15:16:31 GMT
server
cloudflare
etag
"6570904f-181d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BP01ZNMXK3VynV33so0JP5ogVavfkJ4dZYn3IyfuPF1KuSWR7w7aQn7hGM9pW%2FAiKDDp06fDHXUokozw%2FsSbgNBFQ6OH4O9uS67t56%2BUvmf2jYmC948JcrtO%2BONn9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
87f8ad131d0692bc-CPH
priority
u=2,i
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
xx.knit.bid/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xx.knit.bid/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xx.knit.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Apr 2024 15:20:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66310c39-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cg5EwtkEri09EqpioNr6Lv0yYrwEjIiduW26CEHqYrRmTL%2B%2Fn0FVrN0dDSlCYHrYxpKc8qPiFHQ4lLuXq2SnYcfRuBGBpSsfV9bNDDkCGFrU2Y76aygJUz7Vqaffuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
87f8ad139d9192bc-CPH
expires
Wed, 08 May 2024 11:37:03 GMT
adview_pic_cpc_cpm_cpa_guanggao_gg_ads_300x250.js
xx.knit.bid/static/zde/js/ 		17 B
544 B 		Script
General
Check archive.org
Download Go to
Full URL
https://xx.knit.bid/static/zde/js/adview_pic_cpc_cpm_cpa_guanggao_gg_ads_300x250.js
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
062000299c8472b7297db39153761686b4215b2d37a1341b55f86c8948dde442

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xx.knit.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413167
cf-polished
origSize=19
alt-svc
h3=":443"; ma=86400
content-length
17
cf-bgj
minify
last-modified
Wed, 06 Dec 2023 15:16:31 GMT
server
cloudflare
etag
"6570904f-13"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=av64PJ80dlZ3DOYHfSvPDQ8Pk6iWyWAJ%2FKfq0udrpBogcXWoeGz2%2FK5pqMnnJkLRvTNyS5cV6J9q62cAbSvsvlzELBgtSrQxNI3PmaBSgeXekYUOZUPD4zC4RNxXGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
87f8ad139d9592bc-CPH
priority
u=2,i=?0
expires
Thu, 31 Dec 2037 23:55:55 GMT
Disclaimer.js
xx.knit.bid/static/zde/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xx.knit.bid/static/zde/js/Disclaimer.js
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c53405428a3f73f4daa53b7287557f2ab8a466321b0f82c1bb8f879a66d9be9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xx.knit.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
408582
cf-polished
origSize=3103
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 03 Apr 2024 10:56:36 GMT
server
cloudflare
etag
W/"660d35e4-c1f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6W6Dr3geBpKBK%2BcgHEzIt7q0%2FEEgOk7RJFa8mNGVZAoHfwXz7PVAH46WqNYlVUtnRhlM9%2B4EdFBDCHQD0ENJ5C6gphLdt10%2FSWNy%2FhDKZfdkv9jf7I898IWZJd%2BeGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
87f8ad139d9792bc-CPH
priority
u=2,i=?0
expires
Thu, 31 Dec 2037 23:55:55 GMT
common.js
xx.knit.bid/static/zde/js/ 		486 B
775 B 		Script
General
Check archive.org
Download Go to
Full URL
https://xx.knit.bid/static/zde/js/common.js
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a4891e52b9e19a44a2eeee62d4cc42de6db696b975dfb476f592df179f17ee3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xx.knit.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413167
cf-polished
origSize=649
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 03 Apr 2024 10:56:36 GMT
server
cloudflare
etag
W/"660d35e4-289"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6G6V720%2FMOqFmrsvslIWSPMnyeaWpcC8oK1wlb6akj2b6c%2BBbaHG19hAr3WAdTjgIwc3NbtlTJabEKvI1gR2UjKtF3Ds%2F%2BX7IsWHHD3egJsn3HMT2njZd0o93n9o%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
87f8ad139d9992bc-CPH
priority
u=2,i=?0
expires
Thu, 31 Dec 2037 23:55:55 GMT
vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://xx.knit.bid
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
content-encoding
gzip
last-modified
Tue, 23 Apr 2024 12:12:17 GMT
server
cloudflare
etag
W/"2024.4.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
87f8ad140bdd34f2-WAW
matomo.js
stats.viagle.com/ 		65 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.viagle.com/matomo.js
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
42.193.105.3 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Mon, 06 May 2024 11:37:04 GMT
last-modified
Thu, 07 Mar 2024 23:35:49 GMT
server
nginx/1.22.1
etag
"65ea4f55-1042f"
content-type
application/javascript
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
66607
expires
Mon, 06 May 2024 12:37:04 GMT
cwa6886520
www.clarity.ms/tag/ 		667 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/cwa6886520?ref=bwt
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cf95b7492ebc6bd5a5b0b3669fd847cfea4a8c4106a443d8984f842c514e6a35

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Mon, 06 May 2024 11:37:03 GMT
x-azure-ref
20240506T113703Z-r1f6f4b66b55gjd7dnne97qy7g00000000rg00000000txdb
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
667
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
popunder1000.js
a.pemsrv.com/ 		97 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pemsrv.com/popunder1000.js
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ae2233467ed9b4d7b9c76a3324da7710a107c2e67676eaa0a077c6f1d252f30e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Mon, 06 May 2024 11:37:03 GMT
content-encoding
gzip
x-77-cache
HIT
x-cache
HIT
x-age
3039
x-accel-date
1714992384
x-77-nzt
EgwBw7WvDgH33wsAAAwBJRPCNAH3BwAAAA
x-accel-expires
@1715003184
x-77-age
3039
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
server
CDN77-Turbo
etag
W/"d9d3b543c03e218b51fa2081f01"
x-77-nzt-ray
908339308aca16c6dfc038660268d716
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10800
x-robots-tag
noindex, follow
expires
Thu, 02 May 2024 13:45:51 GMT
13873035654.jpg
xx-media.knit.bid/static/images/2021/08/12/%5B%E7%BE%8E%E5%AA%9B%E9%A6%86MyGirl%5D%20Vol.519%20%E7%8E%8B%E9%A6%A8%E7%91%B6yanni/
Redirect Chain
  • https://xx.knit.bid/static/images/2021/08/12/%5B%E7%BE%8E%E5%AA%9B%E9%A6%86MyGirl%5D%20Vol.519%20%E7%8E%8B%E9%A6%A8%E7%91%B6yanni/13873035654.jpg
  • https://xx-media.knit.bid/static/images/2021/08/12/%5B%E7%BE%8E%E5%AA%9B%E9%A6%86MyGirl%5D%20Vol.519%20%E7%8E%8B%E9%A6%A8%E7%91%B6yanni/13873035654.jpg
352 KB
353 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx-media.knit.bid/static/images/2021/08/12/%5B%E7%BE%8E%E5%AA%9B%E9%A6%86MyGirl%5D%20Vol.519%20%E7%8E%8B%E9%A6%A8%E7%91%B6yanni/13873035654.jpg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec2b358553f8e51418318c4d3d17642f09d216238984b1d0dc48de4b2941b51

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://xx.knit.bid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
360682
last-modified
Thu, 31 Mar 2022 17:14:44 GMT
server
cloudflare
etag
"6245e184-580ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UZdtYQ8B2YC83HzRmzIixV2BPrf%2Fi1cxEWvl%2Bq%2BSRYXePM%2B49P1ay14vUX1t8A90gbKckd9LNuUgXwzirSh5%2FKqQFnSLWQb3ej%2BdbvWNJ1DHKyAWu8plHskhtqQLwtQ7oFPOag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
87f8ad147ef092bc-CPH
priority
u=1,i
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 06 May 2024 11:37:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vJtBeLOg2q7Hh2daMyamjxt%2FP%2BWqpuwBaaCgBYPPJAhtSaAyeBB%2Bx5Dvp%2FKOI97CC0lKAzvNKAyuCwGZYsyJOMUMJLuE5Pk0vDZOyem91oc9bGupZfuJs0rmPQCh6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://xx-media.knit.bid/static/images/2021/08/12/%5B%E7%BE%8E%E5%AA%9B%E9%A6%86MyGirl%5D%20Vol.519%20%E7%8E%8B%E9%A6%A8%E7%91%B6yanni/13873035654.jpg
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87f8ad142e7292bc-CPH
alt-svc
h3=":443"; ma=86400
content-length
143
priority
u=3,i
expires
Thu, 01 Jan 1970 00:00:01 GMT
286o1moin2nwbi.jpg
xx-media.knit.bid/static/images/2022/09/14/%E7%96%AF%E7%8C%ABSS-%E9%BB%91%E4%B8%9D%E5%A5%B3%E4%BB%86/
Redirect Chain
  • https://xx.knit.bid/static/images/2022/09/14/%E7%96%AF%E7%8C%ABSS-%E9%BB%91%E4%B8%9D%E5%A5%B3%E4%BB%86/286o1moin2nwbi.jpg
  • https://xx-media.knit.bid/static/images/2022/09/14/%E7%96%AF%E7%8C%ABSS-%E9%BB%91%E4%B8%9D%E5%A5%B3%E4%BB%86/286o1moin2nwbi.jpg
15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx-media.knit.bid/static/images/2022/09/14/%E7%96%AF%E7%8C%ABSS-%E9%BB%91%E4%B8%9D%E5%A5%B3%E4%BB%86/286o1moin2nwbi.jpg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a118a18e73397296df8f469b72b32b8ba8a0ef62d37e869e01c9fa3c0592906

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://xx.knit.bid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
254109
alt-svc
h3=":443"; ma=86400
content-length
15696
last-modified
Tue, 19 Sep 2023 05:49:07 GMT
server
cloudflare
etag
"65093653-3d50"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wuTVYKSrCV0t64juTyDodpuZyTKAUcZjco0RXIp26w%2Fq0wPo76jmZywKka0vomgtFtQE0oGbrZmko7OOGHcILtGAcTwoU%2FTD2kQcp%2BoNlaVG42zOoNoUUX3Dws6tCSpOUXiWOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
87f8ad147eef92bc-CPH
priority
u=1,i
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 06 May 2024 11:37:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5UWGoMvSQmLKGIzbC7Hp5Q76XUm%2FEQIww%2F719C3SEK05OklqGt1v62n8ooZQPVP8PVkAEz55nS%2FEYwozod46nLJzS4hT9pD4qS4gSGxyp2RACoEzf1ftNLrjkQtRWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://xx-media.knit.bid/static/images/2022/09/14/%E7%96%AF%E7%8C%ABSS-%E9%BB%91%E4%B8%9D%E5%A5%B3%E4%BB%86/286o1moin2nwbi.jpg
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87f8ad142e7492bc-CPH
alt-svc
h3=":443"; ma=86400
content-length
143
priority
u=3,i
expires
Thu, 01 Jan 1970 00:00:01 GMT
233656bjzkjfwx6pnxj9p7.jpg
xx-media.knit.bid/static/images/2024/04/01/%E2%98%85PATREON%E2%98%85%20Sanko%20-%20Hot%20Nurse/
Redirect Chain
  • https://xx.knit.bid/static/images/2024/04/01/%E2%98%85PATREON%E2%98%85%20Sanko%20-%20Hot%20Nurse/233656bjzkjfwx6pnxj9p7.jpg
  • https://xx-media.knit.bid/static/images/2024/04/01/%E2%98%85PATREON%E2%98%85%20Sanko%20-%20Hot%20Nurse/233656bjzkjfwx6pnxj9p7.jpg
116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx-media.knit.bid/static/images/2024/04/01/%E2%98%85PATREON%E2%98%85%20Sanko%20-%20Hot%20Nurse/233656bjzkjfwx6pnxj9p7.jpg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eca581d3a6a74a5e1cb9dc77116469fc032fa7e42c24f99afaec199af53a22c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://xx.knit.bid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329403
alt-svc
h3=":443"; ma=86400
content-length
118417
last-modified
Sun, 31 Mar 2024 20:20:31 GMT
server
cloudflare
etag
"6609c58f-1ce91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gu9rfAM1YZVmdirVAmjr2xNxjLrdYSxYYmqwKEujW3yrEkXAvZpzfr0Cyf6V31qmdgDoaQg9OEX7fcFVb%2F0GUjF5xf%2Bl%2BQQ3eop6dsZD1S%2F2Pzai0iepGAgCupvfRoPXnMUK3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
87f8ad147ef292bc-CPH
priority
u=1,i
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 06 May 2024 11:37:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=58yU3BhRV0oWRwIxcYFl3ae%2B6jV5AE2HGzbC%2BKGkCj%2FZeyVksmqkArJEAPb%2F0ioe%2BP3NZeO%2Beao92gtjtT5de6LxRy4q84LGOWXmuXRIgesgvF3afws%2Bj8ufYMlB8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://xx-media.knit.bid/static/images/2024/04/01/%E2%98%85PATREON%E2%98%85%20Sanko%20-%20Hot%20Nurse/233656bjzkjfwx6pnxj9p7.jpg
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87f8ad142e7592bc-CPH
alt-svc
h3=":443"; ma=86400
content-length
143
priority
u=3,i
expires
Thu, 01 Jan 1970 00:00:01 GMT
13715404577.jpg
xx-media.knit.bid/static/images/2021/07/01/%5B%E7%A7%80%E4%BA%BAXIUREN%5D%20No.3197%20%E5%91%A8%E4%BA%8E%E5%B8%8CSandy%26Emily%E9%A1%BE%E5%A5%88%E5%A5%88/
Redirect Chain
  • https://xx.knit.bid/static/images/2021/07/01/%5B%E7%A7%80%E4%BA%BAXIUREN%5D%20No.3197%20%E5%91%A8%E4%BA%8E%E5%B8%8CSandy%26Emily%E9%A1%BE%E5%A5%88%E5%A5%88/13715404577.jpg
  • https://xx-media.knit.bid/static/images/2021/07/01/%5B%E7%A7%80%E4%BA%BAXIUREN%5D%20No.3197%20%E5%91%A8%E4%BA%8E%E5%B8%8CSandy%26Emily%E9%A1%BE%E5%A5%88%E5%A5%88/13715404577.jpg
221 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx-media.knit.bid/static/images/2021/07/01/%5B%E7%A7%80%E4%BA%BAXIUREN%5D%20No.3197%20%E5%91%A8%E4%BA%8E%E5%B8%8CSandy%26Emily%E9%A1%BE%E5%A5%88%E5%A5%88/13715404577.jpg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc8a60d592c10caf45a830b61e96c53089504f4f062baee8c6bf6503f70355db

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://xx.knit.bid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
226014
last-modified
Thu, 31 Mar 2022 18:47:25 GMT
server
cloudflare
etag
"6245f73d-372de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j6FfcUo%2FVdB3MaIrld6T2hB4FLG3WbouJHw9Eoq9vM2Y%2FxJ9G%2F1OGSjQfwdPBG5H6ZByUw4kxWGrSpT8aoNq0CCKDNKlViPUUn7clJ2rOxEDE7BxxysrM5thY8slBwf7q3383w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
87f8ad147efe92bc-CPH
priority
u=1,i
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 06 May 2024 11:37:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ZjRnicACKAtS7HZvtLBNMu15l%2B8K4trVB69meQrpUtZcIw9CkfD6VTeq0Zd82OtZ0AKG4p6c1i%2FE2vUPeGDSo1Ph8S2FOZiEnMDnqktgDWfUACga5g%2BaMQs4q5ZEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://xx-media.knit.bid/static/images/2021/07/01/%5B%E7%A7%80%E4%BA%BAXIUREN%5D%20No.3197%20%E5%91%A8%E4%BA%8E%E5%B8%8CSandy%26Emily%E9%A1%BE%E5%A5%88%E5%A5%88/13715404577.jpg
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87f8ad142e7792bc-CPH
alt-svc
h3=":443"; ma=86400
content-length
143
priority
u=3,i
expires
Thu, 01 Jan 1970 00:00:01 GMT
36193kbxhy5nisel.jpg
xx-media.knit.bid/static/images/2023/05/08/%E5%B8%83%E4%B8%81%E5%A4%A7%E6%B3%95%20-%20%E4%BC%98%E9%85%B8%E4%B9%B3/
Redirect Chain
  • https://xx.knit.bid/static/images/2023/05/08/%E5%B8%83%E4%B8%81%E5%A4%A7%E6%B3%95%20-%20%E4%BC%98%E9%85%B8%E4%B9%B3/36193kbxhy5nisel.jpg
  • https://xx-media.knit.bid/static/images/2023/05/08/%E5%B8%83%E4%B8%81%E5%A4%A7%E6%B3%95%20-%20%E4%BC%98%E9%85%B8%E4%B9%B3/36193kbxhy5nisel.jpg
15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx-media.knit.bid/static/images/2023/05/08/%E5%B8%83%E4%B8%81%E5%A4%A7%E6%B3%95%20-%20%E4%BC%98%E9%85%B8%E4%B9%B3/36193kbxhy5nisel.jpg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfbc97c2ba13179b282be02d2c8df79464c46cfc5d7d6e2d7581fe2cf8e22b98

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://xx.knit.bid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
352489
alt-svc
h3=":443"; ma=86400
content-length
15726
last-modified
Tue, 19 Sep 2023 02:43:06 GMT
server
cloudflare
etag
"65090aba-3d6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4fzRN9J26UM5zmpd%2F4cqHRqdbqbLGLJPBGHSsFrllztNrqPgWxiXymldD9Gqkcp3M%2BsVOAXCG7htsK%2BJ7LjyLRzJ%2Fv3ydduq8IO2Yxz6T3jLQ9Z%2B%2BzwUabJOrdFpM2jT2uFciA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
87f8ad147ef392bc-CPH
priority
u=1,i
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 06 May 2024 11:37:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WFl6MNwzyyxdyNYldmKAE%2B5ZK0Zm6LSyogSadBQ2ONBc0mKeTao6ElsdeKTCW1o9FVgmgq34UepTGjXFhwiOlqg0y4PVMQ6qbk3vgdHI%2BpxxB0eN5pX2%2F89e2dpR4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://xx-media.knit.bid/static/images/2023/05/08/%E5%B8%83%E4%B8%81%E5%A4%A7%E6%B3%95%20-%20%E4%BC%98%E9%85%B8%E4%B9%B3/36193kbxhy5nisel.jpg
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87f8ad142e7992bc-CPH
alt-svc
h3=":443"; ma=86400
content-length
143
priority
u=3,i
expires
Thu, 01 Jan 1970 00:00:01 GMT
1616259572qBDb.jpg
xx-media.knit.bid/static/images/2021/03/21/%E8%90%8C%E5%A5%88%E5%AD%90%E6%80%A7%E6%84%9F%E6%B9%BF%E8%BA%AB%E8%AF%B1%E6%83%91%E6%9E%81%E5%93%81%E5%A4%A7%E5%9C%86%E8%87%80%E4%B8%81%E5%AD%97%E8%A3%A4%...
Redirect Chain
  • https://xx.knit.bid/static/images/2021/03/21/%E8%90%8C%E5%A5%88%E5%AD%90%E6%80%A7%E6%84%9F%E6%B9%BF%E8%BA%AB%E8%AF%B1%E6%83%91%E6%9E%81%E5%93%81%E5%A4%A7%E5%9C%86%E8%87%80%E4%B8%81%E5%AD%97%E8%A3%A...
  • https://xx-media.knit.bid/static/images/2021/03/21/%E8%90%8C%E5%A5%88%E5%AD%90%E6%80%A7%E6%84%9F%E6%B9%BF%E8%BA%AB%E8%AF%B1%E6%83%91%E6%9E%81%E5%93%81%E5%A4%A7%E5%9C%86%E8%87%80%E4%B8%81%E5%AD%97%E...
274 KB
275 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx-media.knit.bid/static/images/2021/03/21/%E8%90%8C%E5%A5%88%E5%AD%90%E6%80%A7%E6%84%9F%E6%B9%BF%E8%BA%AB%E8%AF%B1%E6%83%91%E6%9E%81%E5%93%81%E5%A4%A7%E5%9C%86%E8%87%80%E4%B8%81%E5%AD%97%E8%A3%A4%E6%B3%B3%E6%B1%A0%E8%AF%B1%E6%83%91%E5%86%99%E7%9C%9F%E5%A5%97%E5%9B%BE/1616259572qBDb.jpg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8a83d69fedbb7e34c270e57b350803daad938158c685892789ddb5929a0eaf7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://xx.knit.bid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
280591
last-modified
Mon, 28 Mar 2022 20:31:26 GMT
server
cloudflare
etag
"62421b1e-4480f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oqc9v2aQlyd3KtRdyfbXPDxXKyrE3Ykrz9qUVXLlOtJyZCg1HVQysO0BEMQWDQ1iRs%2Fsd%2FGaRXGiZ6IjXNVXbW8M7dKB0Ns2ij3krXmKBs%2BA%2FrNAF6arPF4reO8wkDxynxw70g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
87f8ad147efa92bc-CPH
priority
u=1,i
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 06 May 2024 11:37:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0c7LEWQ2pbdxOkrvHEAqL3sctDwpXYbnmI0XzBsdTjRWKX3xZQlJg8afvpkC7tY7m%2FoEEhEBfE2DKnCcf0Ud4jJ1smO31Rg9LB%2BucBeuaxLfKbp7yJJkcCygakEEQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://xx-media.knit.bid/static/images/2021/03/21/%E8%90%8C%E5%A5%88%E5%AD%90%E6%80%A7%E6%84%9F%E6%B9%BF%E8%BA%AB%E8%AF%B1%E6%83%91%E6%9E%81%E5%93%81%E5%A4%A7%E5%9C%86%E8%87%80%E4%B8%81%E5%AD%97%E8%A3%A4%E6%B3%B3%E6%B1%A0%E8%AF%B1%E6%83%91%E5%86%99%E7%9C%9F%E5%A5%97%E5%9B%BE/1616259572qBDb.jpg
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87f8ad142e7b92bc-CPH
alt-svc
h3=":443"; ma=86400
content-length
143
priority
u=3,i
expires
Thu, 01 Jan 1970 00:00:01 GMT
1389f00006294ca4e0857.jpg
xx-media.knit.bid/static/images/2020/12/22/%5B%E5%B0%A4%E6%9E%9C%E5%9C%88%E7%88%B1%E5%B0%A4%E7%89%A9%5D%20No.1448%20%E7%90%83%E7%90%83%20%E5%B0%A4%E7%94%BB%E6%83%85%E4%BA%BA/
Redirect Chain
  • https://xx.knit.bid/static/images/2020/12/22/%5B%E5%B0%A4%E6%9E%9C%E5%9C%88%E7%88%B1%E5%B0%A4%E7%89%A9%5D%20No.1448%20%E7%90%83%E7%90%83%20%E5%B0%A4%E7%94%BB%E6%83%85%E4%BA%BA/1389f00006294ca4e0857...
  • https://xx-media.knit.bid/static/images/2020/12/22/%5B%E5%B0%A4%E6%9E%9C%E5%9C%88%E7%88%B1%E5%B0%A4%E7%89%A9%5D%20No.1448%20%E7%90%83%E7%90%83%20%E5%B0%A4%E7%94%BB%E6%83%85%E4%BA%BA/1389f00006294ca...
281 KB
281 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx-media.knit.bid/static/images/2020/12/22/%5B%E5%B0%A4%E6%9E%9C%E5%9C%88%E7%88%B1%E5%B0%A4%E7%89%A9%5D%20No.1448%20%E7%90%83%E7%90%83%20%E5%B0%A4%E7%94%BB%E6%83%85%E4%BA%BA/1389f00006294ca4e0857.jpg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
499540572c39c12cdcf263db6f5f18cd213c06392f7d0cfecbbf9e12564a2e8f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://xx.knit.bid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
269582
alt-svc
h3=":443"; ma=86400
content-length
287312
last-modified
Tue, 05 Apr 2022 06:13:35 GMT
server
cloudflare
etag
"624bde0f-46250"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5PUVFA%2BYRGkxu7Y7UiH%2B9WjfawtXpTGg3KxMmJserwrCZQUHgG2ACePWucDqMhhQ1gIYQlIGVid5xuMhGTCTpkEZIm1JfzYQ90fcU%2FGxK6CqKk%2Bzo4Nz4sO%2FJyRAkXFoaaLDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
87f8ad147ef892bc-CPH
priority
u=1,i
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 06 May 2024 11:37:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=96y%2BZ96UNhoE%2FaeVRQdEY%2FcLYoEDIyHTi%2F18N3SZd0eI%2Fk2XLcN7vyIdLx6IQO4USv%2BFzEb4%2FF5Me98akgNg1E%2B%2F036e4EueVg1JoU9qIBPDK5il8HPYWxRKMt6Pow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://xx-media.knit.bid/static/images/2020/12/22/%5B%E5%B0%A4%E6%9E%9C%E5%9C%88%E7%88%B1%E5%B0%A4%E7%89%A9%5D%20No.1448%20%E7%90%83%E7%90%83%20%E5%B0%A4%E7%94%BB%E6%83%85%E4%BA%BA/1389f00006294ca4e0857.jpg
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87f8ad142e7c92bc-CPH
alt-svc
h3=":443"; ma=86400
content-length
143
priority
u=3,i
expires
Thu, 01 Jan 1970 00:00:01 GMT
14642177186.jpg
xx-media.knit.bid/static/images/20220324/27368/
Redirect Chain
  • https://xx.knit.bid/static/images/20220324/27368/14642177186.jpg
  • https://xx-media.knit.bid/static/images/20220324/27368/14642177186.jpg
129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx-media.knit.bid/static/images/20220324/27368/14642177186.jpg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f913bd66cdea441b3eda564b39150edf995c2690e5ed2d9e319701c2bccca3c3

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://xx.knit.bid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
132547
last-modified
Thu, 24 Mar 2022 06:06:53 GMT
server
cloudflare
etag
"623c0a7d-205c3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=44%2FylzgHI0OxcudcbLCQeQlaJllvT61TI%2B6g%2FJecTaOywfg3coXfU1cyXMcoLg5HDjq7Bdlnh2ch6rSoZatir27RS55DlshjygtvtNA88b26wlsx2HZhK8nQ3heoLYegItR8%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
87f8ad147ef492bc-CPH
priority
u=1,i
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 06 May 2024 11:37:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SmZTiaZm2L8%2BAgqHCDGpDfWLSAk0rpAyNS0myGg5LTfaI4ZS%2Bt1hUhnvwdMtjgKezS2MAyElACf3j1vNnEoCGWv9wZIQxiXEzQUcWf4bmzo2i%2FK4IHrtpXWvBvxV%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://xx-media.knit.bid/static/images/20220324/27368/14642177186.jpg
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87f8ad142e7d92bc-CPH
alt-svc
h3=":443"; ma=86400
content-length
143
priority
u=3,i
expires
Thu, 01 Jan 1970 00:00:01 GMT
6502695z0wywy2fsi.jpg
xx-media.knit.bid/static/images/2023/07/18/%5B%E3%83%96%E3%83%AD%E3%83%83%E3%82%B3%E3%83%AA%E3%83%BC%5D%20Nel%E5%9B%A3%E9%95%BF%C3%97%E7%89%9B%E6%9F%84%E3%83%9E%E3%82%A4%E3%82%AF%E3%83%AD%E3%83%93%...
Redirect Chain
  • https://xx.knit.bid/static/images/2023/07/18/%5B%E3%83%96%E3%83%AD%E3%83%83%E3%82%B3%E3%83%AA%E3%83%BC%5D%20Nel%E5%9B%A3%E9%95%BF%C3%97%E7%89%9B%E6%9F%84%E3%83%9E%E3%82%A4%E3%82%AF%E3%83%AD%E3%83%9...
  • https://xx-media.knit.bid/static/images/2023/07/18/%5B%E3%83%96%E3%83%AD%E3%83%83%E3%82%B3%E3%83%AA%E3%83%BC%5D%20Nel%E5%9B%A3%E9%95%BF%C3%97%E7%89%9B%E6%9F%84%E3%83%9E%E3%82%A4%E3%82%AF%E3%83%AD%E...
16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx-media.knit.bid/static/images/2023/07/18/%5B%E3%83%96%E3%83%AD%E3%83%83%E3%82%B3%E3%83%AA%E3%83%BC%5D%20Nel%E5%9B%A3%E9%95%BF%C3%97%E7%89%9B%E6%9F%84%E3%83%9E%E3%82%A4%E3%82%AF%E3%83%AD%E3%83%93%E3%82%AD%E3%83%8B/6502695z0wywy2fsi.jpg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c04e0130c1edf2f4cf106dd8da9f6240421e4bebb96ee97f0ed5fbd7e6e84265

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://xx.knit.bid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42911
alt-svc
h3=":443"; ma=86400
content-length
16442
last-modified
Tue, 19 Sep 2023 02:09:39 GMT
server
cloudflare
etag
"650902e3-403a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9YlWRNwHdSRSKcbw%2Bn7CWiws5RlsQvX52Fn76lNVuo%2BrtahMnGpWwZF9sr5Fds%2F%2BkeCtHROG8r5TQVTwtOX6L9y8gXNV%2BU7wQuJvd8INRvPSSwp6fcAlhbvtBk%2FRLIEaCQuYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
87f8ad147ef592bc-CPH
priority
u=1,i
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 06 May 2024 11:37:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CxkhsfbLd2Rxb9u4Hk65%2F8eUpXNZHxhmKoc4ivl7TYVXICXTM%2Fm5K6ZxwhXR53HETSAJaFPcdWtZV2cB%2Fj5Jp6fLI%2BfHPCD7rhk1bATgVOtJxGlzyC6sZfhB4P9S5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://xx-media.knit.bid/static/images/2023/07/18/%5B%E3%83%96%E3%83%AD%E3%83%83%E3%82%B3%E3%83%AA%E3%83%BC%5D%20Nel%E5%9B%A3%E9%95%BF%C3%97%E7%89%9B%E6%9F%84%E3%83%9E%E3%82%A4%E3%82%AF%E3%83%AD%E3%83%93%E3%82%AD%E3%83%8B/6502695z0wywy2fsi.jpg
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87f8ad142e7f92bc-CPH
alt-svc
h3=":443"; ma=86400
content-length
143
priority
u=3,i
expires
Thu, 01 Jan 1970 00:00:01 GMT
14505217657.jpg
xx-media.knit.bid/static/images/2022/02/10/%5B%E5%B0%A4%E6%9E%9C%E5%9C%88Ugirls%5D%20No.2235%20%E5%BF%83%E8%B7%B3%E9%A2%91%E7%8E%87/
Redirect Chain
  • https://xx.knit.bid/static/images/2022/02/10/%5B%E5%B0%A4%E6%9E%9C%E5%9C%88Ugirls%5D%20No.2235%20%E5%BF%83%E8%B7%B3%E9%A2%91%E7%8E%87/14505217657.jpg
  • https://xx-media.knit.bid/static/images/2022/02/10/%5B%E5%B0%A4%E6%9E%9C%E5%9C%88Ugirls%5D%20No.2235%20%E5%BF%83%E8%B7%B3%E9%A2%91%E7%8E%87/14505217657.jpg
359 KB
359 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx-media.knit.bid/static/images/2022/02/10/%5B%E5%B0%A4%E6%9E%9C%E5%9C%88Ugirls%5D%20No.2235%20%E5%BF%83%E8%B7%B3%E9%A2%91%E7%8E%87/14505217657.jpg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
824aada248c9e33ab406fde2334d7c8bda3d074fc3cc77f66b8e4ba724d40d62

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://xx.knit.bid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
367152
last-modified
Tue, 29 Mar 2022 00:58:37 GMT
server
cloudflare
etag
"624259bd-59a30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VAT0%2FKB9DLArEDh7MTvcGmWnJN1CVppSlT1cN1NplQ8sGuwUTp0h%2B2Hfk4V3pkSa9P1XN1Cltx%2FrG3DozW2GbNkXqQ3WgyuYGgcuX2wdQMFK7Nda9D3avJ8K6DigN%2BLMgWIqRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
87f8ad147eee92bc-CPH
priority
u=1,i
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 06 May 2024 11:37:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=10a8EYc09q%2B3o4krtE1pO39wlsjWNgqrzwvLXpuKr62GTGu%2F4u6K3PNWNPGbim4BYRGidTokkH7pia7pAHA9Kje1pTBVYvcXS9LTwKbQlT0aBK6nN5zPtGC%2FTZpl%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://xx-media.knit.bid/static/images/2022/02/10/%5B%E5%B0%A4%E6%9E%9C%E5%9C%88Ugirls%5D%20No.2235%20%E5%BF%83%E8%B7%B3%E9%A2%91%E7%8E%87/14505217657.jpg
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87f8ad142e8192bc-CPH
alt-svc
h3=":443"; ma=86400
content-length
143
priority
u=3,i
expires
Thu, 01 Jan 1970 00:00:01 GMT
4.jpg
xx-media.knit.bid/static/images/2023/10/31/AI%20Generated%20Chapter%20274/
Redirect Chain
  • https://xx.knit.bid/static/images/2023/10/31/AI%20Generated%20Chapter%20274/4.jpg
  • https://xx-media.knit.bid/static/images/2023/10/31/AI%20Generated%20Chapter%20274/4.jpg
177 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx-media.knit.bid/static/images/2023/10/31/AI%20Generated%20Chapter%20274/4.jpg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a129f454d36e133bb5cc0ffe9369f03b0414db3d0c969ee2aabe0f5f9010f80

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://xx.knit.bid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
172840
alt-svc
h3=":443"; ma=86400
content-length
181608
last-modified
Tue, 31 Oct 2023 21:05:26 GMT
server
cloudflare
etag
"65416c16-2c568"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XZwt3j07VyFvpYoLwe7NAja%2BvkZAJXDfLwZucnB03qvEuDlinwZCGL6Yo6SKCGctKm6sJ6VoRrJ8g2xSw%2FNUVjS8S1znPR0X8q0bGoCKDJMUSszog2PkoOYU8FsrxGBEnRnK1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
87f8ad147eea92bc-CPH
priority
u=1,i
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 06 May 2024 11:37:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uNM%2Bd9QwAKjiGm67JiO%2FUYwdYmMg2Y4oHc%2Fc4dkKQjLPbA8iQLS5rFo1fXymgzQ6p%2FjsZgMomBFCu8biINvODbT10IpmfseJNMQEKTY4KAfRKMBBiXx%2FwK3XI3el7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://xx-media.knit.bid/static/images/2023/10/31/AI%20Generated%20Chapter%20274/4.jpg
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87f8ad142e8392bc-CPH
alt-svc
h3=":443"; ma=86400
content-length
143
priority
u=3,i
expires
Thu, 01 Jan 1970 00:00:01 GMT
ffb0000276d1eca65266.jpg
xx-media.knit.bid/static/images/2020/12/28/%5B%E7%A7%80%E4%BA%BAXiuRen%5D%20No.2506%20%E6%B2%88%E6%A2%A6%E7%91%B6/
Redirect Chain
  • https://xx.knit.bid/static/images/2020/12/28/%5B%E7%A7%80%E4%BA%BAXiuRen%5D%20No.2506%20%E6%B2%88%E6%A2%A6%E7%91%B6/ffb0000276d1eca65266.jpg
  • https://xx-media.knit.bid/static/images/2020/12/28/%5B%E7%A7%80%E4%BA%BAXiuRen%5D%20No.2506%20%E6%B2%88%E6%A2%A6%E7%91%B6/ffb0000276d1eca65266.jpg
157 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx-media.knit.bid/static/images/2020/12/28/%5B%E7%A7%80%E4%BA%BAXiuRen%5D%20No.2506%20%E6%B2%88%E6%A2%A6%E7%91%B6/ffb0000276d1eca65266.jpg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4cc53fc7afda84ce774e06d6c9f3c864375de24f9de3fd02eda906b073396c8

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://xx.knit.bid/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
160311
last-modified
Sun, 03 Apr 2022 02:03:53 GMT
server
cloudflare
etag
"62490089-27237"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJPEedmOu%2B55uoRxeo%2FjKD3Ojp95IWptJPUIubW4SNw7fX%2Fed4mq47xWJMiyNMQUL6kZl4F0w0q6qWv7QAuzTXlAiLu2HKJkj36Uztca19Nno%2FmA3jPjSYIfTagPmXEs%2B8HzVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
87f8ad147eed92bc-CPH
priority
u=1,i
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Mon, 06 May 2024 11:37:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mNXl%2FTPikd3TP5L2WBUKtopfDmxpwsml%2BY%2Blq5d1E%2BiL8cgYC%2BKAsJZpDZVB5k%2FP0uGy0laOlZVCb%2BhHgBLTicLGXpI6CpHe%2FnYm9uo2jHHEErPH6ZMyR9ADOK9g0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://xx-media.knit.bid/static/images/2020/12/28/%5B%E7%A7%80%E4%BA%BAXiuRen%5D%20No.2506%20%E6%B2%88%E6%A2%A6%E7%91%B6/ffb0000276d1eca65266.jpg
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87f8ad142e8592bc-CPH
alt-svc
h3=":443"; ma=86400
content-length
143
priority
u=3,i
expires
Thu, 01 Jan 1970 00:00:01 GMT
iconfont.woff
xx.knit.bid/static/zde/css/fonts/ 		6 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xx.knit.bid/static/zde/css/fonts/iconfont.woff
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/static/zde/css/style.css?v=2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6428ed26e0fd88d83f7adac8fb716df1040576ff732d23ff6ec6da12a2f9b90

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xx.knit.bid/static/zde/css/style.css?v=2.0
Origin
https://xx.knit.bid
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
410083
alt-svc
h3=":443"; ma=86400
content-length
6356
last-modified
Wed, 06 Dec 2023 15:16:31 GMT
server
cloudflare
etag
"6570904f-18d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ru9eabXF1LErnh%2BQ%2Fg5Ym7D6m1znBKPnOfOd4H2OLU9FuY8NXBbYvYQAUCqp2Jdi6umTm%2Bx07Rs2la8GNE773dtuQx2RYzNDlKkogoE1g%2FtaKvA7hCcLUQlY4YCtrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
87f8ad145eaa92bc-CPH
priority
u=0,i=?0
expires
Thu, 31 Dec 2037 23:55:55 GMT
splash.php
s.pemsrv.com/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.pemsrv.com/splash.php?idzone=4687402&orientation=landscape&screen_resolution=1600x1200&p=https%3A%2F%2Fxx.knit.bid%2F&cookieconsent=true
Requested by
Host: a.pemsrv.com
URL: https://a.pemsrv.com/fp-interstitial.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
b83d25175e8e673220e2d067a481a48f347fc6bdb75761b786c417e9c4955efe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
X-CH-VALUES
{"architecture":"x86","bitness":"64","brands":[{"brand":"Google Chrome","version":"124"},{"brand":"Not:A-Brand","version":"8"},{"brand":"Chromium","version":"124"}],"fullVersionList":[{"brand":"Chromium","version":"124.0.6367.118"},{"brand":"Google Chrome","version":"124.0.6367.118"},{"brand":"Not-A.Brand","version":"99.0.0.0"}],"mobile":false,"model":"","platform":"Win32","platformVersion":"10.0.0"}

Response headers

Date
Mon, 06 May 2024 11:37:03 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://xx.knit.bid
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Robots-Tag
noindex, follow
Access-Control-Allow-Headers
X-CH-VALUES
splash.php
s.pemsrv.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://s.pemsrv.com/splash.php?idzone=4687402&orientation=landscape&screen_resolution=1600x1200&p=https%3A%2F%2Fxx.knit.bid%2F&cookieconsent=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-ch-values
Access-Control-Request-Method
GET
Origin
https://xx.knit.bid
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-CH-VALUES
Access-Control-Allow-Origin
https://xx.knit.bid
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 May 2024 11:37:03 GMT
Server
nginx
Transfer-Encoding
chunked
X-Robots-Tag
noindex, follow
venor.php
s.pemsrv.com/ 		1 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.pemsrv.com/venor.php
Requested by
Host: a.pemsrv.com
URL: https://a.pemsrv.com/popunder1000.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 06 May 2024 11:37:03 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Robots-Tag
noindex, follow
main.js
xx.knit.bid/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/ Frame 5889
Redirect Chain
  • https://xx.knit.bid/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://xx.knit.bid/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xx.knit.bid/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H3
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf327396b456166547080e7f6c5fee77c8ee679323db51f8b35d6c11eced31a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8J89RtTIawl05lkmGEW%2FU4IsDWiS0uAIrdw8xFsHUow9be8DyPKcOx5Jr%2BEfjTvpP6ZOHKK5uWN2MUg8CiM8c05QcPHz6kh3o5NAtSUBiGcja9LUcjmVnKjLa76v1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
87f8ad16292c92bc-CPH
alt-svc
h3=":443"; ma=86400
priority
u=3,i=?0

Redirect headers

date
Mon, 06 May 2024 11:37:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=er7cgmnMyvYpcMt8TkCsqQ8S2fI1DILEQdyfe%2FwV6qEVRJdsw9qb%2FGOpKB%2BrIN5kNkxYpSyMkIxtCUeBT9x18cpb4%2B71XFyy%2FYt6uHNwNKNnK4V4W7NWCGQiFJNAiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
cache-control
max-age=300, public
cf-ray
87f8ad14bf4892bc-CPH
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i=?0
623edc1379eab2001214c81e.js
buttons-config.sharethis.com/js/ 		657 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/623edc1379eab2001214c81e.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:5000:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6eec0a8932651a532e12bffd36e838a8d6bd114dc79d5395bb9061976cafa2d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:36:22 GMT
via
1.1 03335b4388aac682bcebdd7893781376.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS1-P3
age
42
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
657
last-modified
Wed, 06 Mar 2024 09:33:26 GMT
server
AmazonS3
etag
"9874f00b9d133a83cdf1da4ceb118667"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=60
accept-ranges
bytes
x-amz-cf-id
38XhG5FoB1aM26AMG6c1Nf_ELK8v4JxecKonP9AYapNGccKSQ4TmGg==
pview
l.sharethis.com/ 		0
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=xx.knit.bid&location=%2F&product=sop&url=https%3A%2F%2Fxx.knit.bid%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%E7%88%B1%E5%A6%B9%E5%AD%90&cms=unknown&publisher=623edc1379eab2001214c81e&sop=true&version=st_sop.js&lang=en&description=%E6%AF%8F%E6%97%A5%E5%88%86%E4%BA%AB%E6%9C%80%E6%96%B0%E6%9C%80%E5%85%A8%E7%9A%84%E7%BE%8E%E5%A5%B3%E5%9B%BE%E7%89%87%E5%92%8C%E9%AB%98%E6%B8%85%E6%80%A7%E6%84%9F%E7%BE%8E%E5%A5%B3%E5%9B%BE%E7%89%87%E3%80%81cos%E3%80%81cosplay%E3%80%81xx%E3%80%81%E7%BE%8E%E5%A5%B3%E3%80%81xx%E7%BE%8E%E5%A5%B3%E3%80%81%E7%BE%8E%E5%A5%B3%E7%BD%91%E7%AB%99%E3%80%81%E7%BE%8E%E5%A5%B3%E7%85%A7%E7%89%87%E3%80%81%E8%A3%B8%E4%BD%93%E7%BE%8E%E5%A5%B3%E3%80%81%E7%BE%8E%E5%A5%B3%E8%A3%B8%E4%BD%93%E3%80%81%E7%BE%8E%E5%A5%B3%E5%9B%BE%E3%80%81%E6%80%A7%E6%84%9F%E5%A6%B9%E5%AD%90%E3%80%81%E6%97%A5%E6%9C%AC%E5%A6%B9%E5%AD%90%E3%80%81%E5%8F%B0%E6%B9%BE%E5%A6%B9%E5%AD%90%E3%80%81%E6%B8%85%E7%BA%AF%E5%A6%B9%E5%AD%90%E3%80%81%E5%A6%B9%E5%AD%90%E8%87%AA%E6%8B%8D%E4%BB%A5%E5%8F%8A%E8%A1%97%E6%8B%8D%E7%BE%8E%E5%A5%B3%E5%9B%BE%E7%89%87&ua=%22Google%20Chrome%22%3Bv%3D%22124%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22124%22&ua_mobile=false&ua_platform=Win32&ua_full_version_list=%22Chromium%22%3Bv%3D%22124.0.6367.118%22%2C%20%22Google%20Chrome%22%3Bv%3D%22124.0.6367.118%22%2C%20%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22&ua_platform_version=10.0.0&uuid=42f91663-998f-49fc-8aaf-6d4f7d006cba
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.113.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-113-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 06 May 2024 11:37:03 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://xx.knit.bid
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
adshow.php
poweredby.jads.co/ Frame A6AF 		0
0
adshow.php
poweredby.jads.co/ Frame 0E6D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/adshow.php?adzone=1032632
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.246 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 May 2024 11:37:04 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.40
adshow.php
poweredby.jads.co/ Frame 804B 		0
0
adshow.php
poweredby.jads.co/ Frame C98F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/adshow.php?adzone=1032726
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.246 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 May 2024 11:37:04 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.40
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/cwa6886520?ref=bwt
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
content-encoding
br
last-modified
Wed, 01 May 2024 11:24:58 GMT
etag
W/"0x8DC69D155BAD85E"
vary
Accept-Encoding
x-azure-ref
20240506T113703Z-r1f6f4b66b55gjd7dnne97qy7g00000000rg00000000txe8
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
1cdf5bd9-601e-0050-240e-9fec8b000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
region1.google-analytics.com/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PEWFD7GRGP&gtm=45je4510v885927754za200&_p=1714995423282&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=837484980.1714995424&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714995423&sct=1&seg=0&dl=https%3A%2F%2Fxx.knit.bid%2F&dt=%E7%88%B1%E5%A6%B9%E5%AD%90&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=705
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PEWFD7GRGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 06 May 2024 11:37:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xx.knit.bid
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe.php
s.pemsrv.com/ Frame 5D81 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.pemsrv.com/iframe.php?url=H4sIAAAAAAAAA2WNy27bMBRE_0a7xLykeEkWMIruXDiVlViRXG8KPlu7okW92sTIx1ewl90NcGbO_JqmNH5arX52j2_t6c_ghkfbxdUY9TClLq2EQM.o1456FqRCLylhVCunrdKWGTQoDYjcKkDknmKwIDULXggtrFOf59EPX90aAtUOmTQGkHkSKBhQDq0x1nFJuOHojTDgFwIgDAIXXi8jAAXcqmzs5sH6xZSjFDmhWfTR3NRdcoV72byUm7Iym7JohLGi18Jsj0fW1K8ATUXm1hWHp22PTQ2v09AnVs2pdVusyZD6_mnYVKzeX.tmd5n7Nvbzgo4LOuyX5bdb67Kb4BJTPl1im.K1a2cyzi2ZRtomGLoYwW35vvvx7OKZCHr_076pr3fL_esWi2NROVdX5TP_H27x3ev3kzbNPMf.4Kk4n05Unw9VWZXhfK7qv.H7l4eHLMGaM8IJx0y_rUk2Ddr.3oWwhg80TkrFFA8WKaIMKPMckKBCS0Ju_gEEQgeO9wEAAA--
Requested by
Host: a.pemsrv.com
URL: https://a.pemsrv.com/fp-interstitial.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 May 2024 11:37:03 GMT
Server
nginx
Transfer-Encoding
chunked
X-Robots-Tag
noindex, follow
get_counts
count-server.sharethis.com/v2.0/ 		343 B
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fxx.knit.bid%2F
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-81.fra60.r.cloudfront.net
Software
/
Resource Hash
adb530939a2069935af6a670b801ac675d6a2122bc0ddb2941df330f9d2e1a75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:04:58 GMT
via
1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P1
age
2191
etag
8f855c4f44ab042100a734efa9bc427d
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=3600
content-length
343
apigw-requestid
XVI6mj9IoAMEPCw=
x-amz-cf-id
cj5kg0iWOSxZC5mM0220on1j_02DFBBD3713JUp8qviQFYz-xkhgEg==
weibo.svg
platform-cdn.sharethis.com/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/weibo.svg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:de00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df0ae8713782229cd75ad43052897acbd3137df4281fe85c827901b1a98f1c33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 16:41:55 GMT
content-encoding
gzip
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
2228109
etag
W/"66af87221f9c1ee574d843bfea27738d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
FkAH-MBrSRE7DhXJ5vzaIEUz1xZUhfbrNnc81aGy_-ubwj2-pe6QNA==
wechat.svg
platform-cdn.sharethis.com/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/wechat.svg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:de00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cae1f4deec515c9bffe53b0fcdc372eb107abae2ec0ad24aca85b460c7ef195
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 04:59:36 GMT
content-encoding
gzip
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
2097448
x-amz-server-side-encryption
AES256
etag
W/"857e7ba5ca888da30b3fdb02c485cc30"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
Jd8G1vPcF5E0dpjtZ4Pc6KsVFUmPfZ7JT6cKKsDH9CK3sF_7Pq3g8w==
twitter.svg
platform-cdn.sharethis.com/img/ 		368 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:de00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:33:37 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 15 Sep 2023 16:58:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
207
x-amz-server-side-encryption
AES256
etag
"2deb3d5121d475d195577a70b0a91a0c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
368
x-amz-cf-id
su2AfhBpNmYBcFTO4zn3U7oglcnu3IR5WfqUc00Ipfmptkqn6iSxMA==
facebook.svg
platform-cdn.sharethis.com/img/ 		301 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:de00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 03:49:07 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
2533677
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
301
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"c6e9be45643e197ce1db1d7e24a99adc"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
ftzTHNquOxBefO5Kai450tapsFGwP0T-LRw3LZQcfmnAd9AnVq7D1Q==
telegram.svg
platform-cdn.sharethis.com/img/ 		858 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/telegram.svg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:de00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:32:30 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 12 Aug 2022 01:07:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
274
x-amz-server-side-encryption
AES256
etag
"e3f5e90fa57764cd951db1b1bc688edd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
858
x-amz-cf-id
TzwtY-WnwfBXiDpXnbFzsnFvcBLBCam-JbkEeLrtyCG3sr6t7Yg-JQ==
email.svg
platform-cdn.sharethis.com/img/ 		343 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/email.svg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:de00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 01:37:11 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
2455193
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
343
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"5977437466e857c7ddcadda6f6d88c2a"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
EnfJRSncQFOOMDVmoCKrdWS6l_cmwK8bMO5p5Mf0qPU2OwPBDCnuSw==
sharethis.svg
platform-cdn.sharethis.com/img/ 		514 B
937 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:de00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 03:26:44 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
1009663
x-amz-server-side-encryption
AES256
etag
"deecdaa377907db5cc1722fc831670a1"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
514
x-amz-cf-id
gmg3z7QdaRaeTgQbUcZlmmCZfCFnNmoSGYOSxSeE_DTDaiUQkHGrvA==
arrow_left.svg
platform-cdn.sharethis.com/img/ 		565 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/arrow_left.svg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:de00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 03:57:45 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
545959
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
565
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"b55d8d2b9321e381a3c38a4bddb74037"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
c769PsDsoJiHVfgP3GvSI9FrQyDd1h8Tpc3oMEGbq8fC9jWfAUo6lA==
arrow_right.svg
platform-cdn.sharethis.com/img/ 		565 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/arrow_right.svg
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:de00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 03:26:45 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
547819
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
565
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
etag
"9928d025bd5792b718ee0a185f62e67c"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
8lFd4F9mwlV01CO2etX-tw-jXiZdX0OD_HeucggRASc6Jz4igbZtaQ==
87f8ad11cb6092bc
xx.knit.bid/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 5889 		0
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xx.knit.bid/cdn-cgi/challenge-platform/h/g/jsd/r/87f8ad11cb6092bc
Requested by
Host: xx.knit.bid
URL: https://xx.knit.bid/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 May 2024 11:37:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rXH9z%2Bye%2FTUFrH0JkC5pMKjr93s8Z9kIP1Pc%2Bf%2BdAdPoaFPuWgs%2FiILC3s6Cf4AH64FPsImvkE3%2B4kMDhtezbAMOs2PB4F%2F81MQIQ4WW5qbSwcB8lDDczGBCuG4OiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
87f8ad16b9cb92bc-CPH
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=1,i
collect
v.clarity.ms/ 		0
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://xx.knit.bid
Date
Mon, 06 May 2024 11:37:04 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
collect
v.clarity.ms/ 		0
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://xx.knit.bid
Date
Mon, 06 May 2024 11:37:04 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
matomo.php
stats.viagle.com/ 		0
148 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.viagle.com/matomo.php?action_name=%E7%88%B1%E5%A6%B9%E5%AD%90&idsite=1&rec=1&r=506563&h=13&m=37&s=4&url=https%3A%2F%2Fxx.knit.bid%2F&_id=89cccd803c23e204&_idn=1&send_image=0&_refts=0&pv_id=UaEF3D&pf_net=56&pf_srv=149&pf_tfr=1&pf_dm1=262&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.118%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.118%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: stats.viagle.com
URL: https://stats.viagle.com/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
42.193.105.3 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx/1.22.1 / PHP/8.2.18
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://xx.knit.bid
date
Mon, 06 May 2024 11:37:05 GMT
access-control-allow-credentials
true
referrer-policy
origin
server
nginx/1.22.1
x-powered-by
PHP/8.2.18
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=BF2124B60D9742E295050797405B4607&RedC=c.clarity.ms&MXFR=30664C94B6636CF416C358E3B26362A3
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BF2124B60D9742E295050797405B4607&MUID=09E6E6FCA72B6FFB3707F28BA6406EDF
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BF2124B60D9742E295050797405B4607&MUID=09E6E6FCA72B6FFB3707F28BA6406EDF
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2024 11:37:04 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 06 May 2024 11:37:04 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0366C8116F874A69819E0D88A55223F1 Ref B: CPH30EDGE0817 Ref C: 2024-05-06T11:37:05Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BF2124B60D9742E295050797405B4607&MUID=09E6E6FCA72B6FFB3707F28BA6406EDF
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
rum
xx.knit.bid/cdn-cgi/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xx.knit.bid/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://xx.knit.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 06 May 2024 11:37:04 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://xx.knit.bid
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
87f8ad1d9adf92bc-CPH
favicon.ico
xx.knit.bid/static/ 		66 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://xx.knit.bid/static/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a10042250dd05502727b7d02cd4704bca52f461d55430a298d773ec6154bbedf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://xx.knit.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 11:37:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
402873
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 06 Dec 2023 15:16:31 GMT
server
cloudflare
etag
W/"6570904f-1083e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GmqydI%2Fjp42D7oLY02budB%2BVih6bAKEqmGL8UPvLR9UwAwBT8brMH6hD4CqP1ccfgu0MX9gz%2FwPLwOKypDEIID7SC07NkV%2FwHF9l7klEKPu9BPNYIqW0z7AzGH2X0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=315360000
cf-ray
87f8ad1d9ae692bc-CPH
priority
u=1,i
expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
v.clarity.ms/ 		0
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://xx.knit.bid
Date
Mon, 06 May 2024 11:37:06 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tianji.viagle.com
URL
https://tianji.viagle.com/tracker.js
Domain
poweredby.jads.co
URL
https://poweredby.jads.co/adshow.php?adzone=1032632
Domain
poweredby.jads.co
URL
https://poweredby.jads.co/adshow.php?adzone=1032726

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| $ function| jQuery object| COOKIE object| isMobile object| _paq function| clarity function| gtag object| dataLayer function| x7$3x function| g6rbFg number| w6A_7$ function| V2ZW0 function| B9w9o function| V8mFj1 number| h1HPPQ function| J$i$O string| ed45dea function| N4kk object| JuicyPop object| adsbyjuicy string| ua object| ExoSupport number| pn_idzone number| pn_sleep_seconds number| pn_is_self_hosted number| pn_soft_ask string| pn_filename boolean| pn_run_immediate object| TBUI object| AdProvider boolean| killads object| exoDynamicParams function| q3xmXi function| I7Hv0 number| x2oXGy function| N8Cmy string| c686bf object| exoJsPop101 object| customTargeting number| ad_idzone number| ad_frequency_period number| ad_frequency_count number| ad_trigger_method boolean| ad_popup_force boolean| ad_popup_fallback boolean| ad_chrome_enabled boolean| ad_new_tab boolean| ad_cookieconsent string| ad_sub string| ad_sub2 string| ad_sub3 string| ad_cat string| ad_trigger_class string| ad_tags number| ad_trigger_delay string| ad_el boolean| ad_a9p2ZDr31k object| QueueManager object| ExoLoader object| resolver object| streaming object| VastSupport function| instantiateViewability function| ExoAdsRefresh object| __cfBeacon object| jQuery111007067475049887828 object| $comments object| $cancel string| cancel_text object| $submit object| $body object| addComment object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields function| GS function| HZ object| Xa object| Ya function| Za function| Be function| ShSh function| Rn function| MA function| cV function| re function| GA function| Ae function| Ac function| rPE function| cp function| Fe function| Ge object| a string| x number| mhz object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

25 Cookies

Domain/Path Name / Value
xx.knit.bid/ Name: pn-zone-4668192
Value: 1718883423460
www.clarity.ms/ Name: CLID
Value: 73520d636e6040f9b421243323bb5682.20240506.20250506
.pemsrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226638c0df8f5167.210414762688030628%22%3B%7D
.knit.bid/ Name: _ga_PEWFD7GRGP
Value: GS1.1.1714995423.1.0.1714995423.0.0.0
.knit.bid/ Name: _ga
Value: GA1.1.837484980.1714995424
.knit.bid/ Name: _clck
Value: 10dkqt7%7C2%7Cflj%7C0%7C1587
.knit.bid/ Name: cf_clearance
Value: 2eSbJmX25k_eHSn8ejUqmgBGz6fAB2Nx16EfOTfc6fc-1714995423-1.0.1.1-paYCfUbSDdzJnUet_wDN_GgaPoURT0QgXszks5WlTXfdusSGqvF7qO0Juwo.m0B.W4Tcf2MWV.8_DkrodVAaXQ
go.xlivrdr.com/ Name: _var
Value: 67569847.33236_ZTA0YmExMjA=
go.xlivrdr.com/ Name: __cflb
Value: 02DiuDFRFiBZBvMSLtr4jPouUtFUmSRgd171a5n18H47E
.jads.co/ Name: surferid
Value: 961bf39fe009cbd3193ce5da7aceae63
.jads.co/ Name: juicy_data_1
Value: YTowOnt9
.jads.co/ Name: juicy_data
Value: YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
go.mnaspm.com/ Name: __cflb
Value: 0H28upDCGznfDm9XVDQoiPUVymMcUWjHgEk2swuvr9A
creative.mnaspm.com/ Name: __cflb
Value: 02DiuDFRFiBZBvMSLtrs3cR5HVWEzYfyqLJzoA1YAE8xU
.knit.bid/ Name: _clsk
Value: r6phis%7C1714995424284%7C1%7C1%7Cv.clarity.ms%2Fcollect
go.mnaspm.com/ Name: _var
Value: 68838234.33054_68838237.33050_MGQ0Y2JiMjk=
xx.knit.bid/ Name: _pk_id.1.1e74
Value: 89cccd803c23e204.1714995425.
xx.knit.bid/ Name: _pk_ses.1.1e74
Value: 1
.bing.com/ Name: MUID
Value: 09E6E6FCA72B6FFB3707F28BA6406EDF
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 09E6E6FCA72B6FFB3707F28BA6406EDF
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 09E6E6FCA72B6FFB3707F28BA6406EDF
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

45 Console Messages

Source Level URL
Text
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other error URL: https://xx.knit.bid/
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xx.knit.bid/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.magsrv.com
a.pemsrv.com
buttons-config.sharethis.com
c.bing.com
c.clarity.ms
count-server.sharethis.com
js.juicyads.com
js.wpnsrv.com
l.sharethis.com
platform-api.sharethis.com
platform-cdn.sharethis.com
poweredby.jads.co
region1.google-analytics.com
s.pemsrv.com
static.cloudflareinsights.com
stats.viagle.com
tianji.viagle.com
v.clarity.ms
www.clarity.ms
www.googletagmanager.com
xx-media.knit.bid
xx.knit.bid
poweredby.jads.co
tianji.viagle.com
13.32.121.81
172.67.212.41
185.94.236.246
20.114.189.135
2001:4860:4802:34::36
2600:9000:2156:de00:1d:85c3:6640:93a1
2600:9000:25e8:5000:c:abe:f440:93a1
2600:9000:266e:ec00:c:dd71:23c0:93a1
2606:4700::6810:4f49
2620:1ec:46::45
2620:1ec:c11::237
2a00:1450:4001:81d::2008
2a02:6ea0:c700::10
2a02:6ea0:c700::17
35.156.113.21
42.193.105.3
52.222.169.67
68.219.88.97
95.211.229.245
95.211.229.247
03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b
062000299c8472b7297db39153761686b4215b2d37a1341b55f86c8948dde442
0a118a18e73397296df8f469b72b32b8ba8a0ef62d37e869e01c9fa3c0592906
0ec2b358553f8e51418318c4d3d17642f09d216238984b1d0dc48de4b2941b51
1a129f454d36e133bb5cc0ffe9369f03b0414db3d0c969ee2aabe0f5f9010f80
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
262246c94851c15d96f64215357156c914d03972c78bad1f04c94a95fd6ce36e
2a4891e52b9e19a44a2eeee62d4cc42de6db696b975dfb476f592df179f17ee3
2eca581d3a6a74a5e1cb9dc77116469fc032fa7e42c24f99afaec199af53a22c
47cbf32b4f3734490b2ed23721a49f9dd33918d65a748f0fe4d2d5d9698fdfb1
499540572c39c12cdcf263db6f5f18cd213c06392f7d0cfecbbf9e12564a2e8f
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5bc48ca9ade288c3eed8ac016182f00fc050049d86cf16b54e421895030ab8de
5c53405428a3f73f4daa53b7287557f2ab8a466321b0f82c1bb8f879a66d9be9
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf327396b456166547080e7f6c5fee77c8ee679323db51f8b35d6c11eced31a
6eec0a8932651a532e12bffd36e838a8d6bd114dc79d5395bb9061976cafa2d9
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
7cae1f4deec515c9bffe53b0fcdc372eb107abae2ec0ad24aca85b460c7ef195
824aada248c9e33ab406fde2334d7c8bda3d074fc3cc77f66b8e4ba724d40d62
8339d1105cfdcb822ad213c724fd2bdff27a3887df7e5ce28e801fab46e3b370
8708db9e4f91a7e632e39b47bc5ea2b639e97fcc06e7bdf18fcf79afdff6f4fb
915c46ecc5919ca9673fdd9d60b780676d6e574d2d7f33ae1f95da29e67eeb1c
98d32b00fca86fc6994df33302e051a6ad03461a43ff5797d5b10ace4cf4772f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
a0480b6f6a36deec92f5a399314346bd87c92aff04accb105d790bf060f29bb8
a10042250dd05502727b7d02cd4704bca52f461d55430a298d773ec6154bbedf
adb530939a2069935af6a670b801ac675d6a2122bc0ddb2941df330f9d2e1a75
ae2233467ed9b4d7b9c76a3324da7710a107c2e67676eaa0a077c6f1d252f30e
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce
b5c0a71e77e127da8090462b75b686d7911e43521efc6b1e1143b34b702ef2dd
b83d25175e8e673220e2d067a481a48f347fc6bdb75761b786c417e9c4955efe
b8a83d69fedbb7e34c270e57b350803daad938158c685892789ddb5929a0eaf7
b9c753a2dcf76bd262a75961072bd6a83569610537ab43fbda6b81c18ac675e1
bfbc97c2ba13179b282be02d2c8df79464c46cfc5d7d6e2d7581fe2cf8e22b98
c04e0130c1edf2f4cf106dd8da9f6240421e4bebb96ee97f0ed5fbd7e6e84265
c5201467c1cef671cc4597377ae3fdb2a870317fb0ac9d09aed5abbab2263142
c75cdc4ff797e03e2dec2e779dbfdc8ad18e3cbd4043aa20c5901bcb489f2f5d
cf95b7492ebc6bd5a5b0b3669fd847cfea4a8c4106a443d8984f842c514e6a35
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
dd6539c19dca3c04975ec0fb8b8abaa1f2bdad6d35316e0c525568aa0f999613
df0ae8713782229cd75ad43052897acbd3137df4281fe85c827901b1a98f1c33
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edeb4f5e69102225be16d195c87c726dbdab7d97678df801b596a1b78c614ce3
f4cc53fc7afda84ce774e06d6c9f3c864375de24f9de3fd02eda906b073396c8
f6428ed26e0fd88d83f7adac8fb716df1040576ff732d23ff6ec6da12a2f9b90
f913bd66cdea441b3eda564b39150edf995c2690e5ed2d9e319701c2bccca3c3
fc8a60d592c10caf45a830b61e96c53089504f4f062baee8c6bf6503f70355db