xx.knit.bid Open in urlscan Pro
2606:4700:3035::ac43:d429 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xx.knit.bid/
Effective URL:
https://xx.knit.bid/
Submission: On November 16 via api (November 16th 2023, 4:51:32 pm UTC) from US — Scanned from DE

Summary HTTP 102 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 18 domains to perform 102 HTTP transactions. The main IP is 2606:4700:3035::ac43:d429, located in United States and belongs to CLOUDFLARENET, US. The main domain is xx.knit.bid.
TLS certificate: Issued by E1 on November 8th 2023. Valid for: 3 months.

This is the only time xx.knit.bid was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::6815:3da4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2606:4700:303... 2606:4700:3035::ac43:d429	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	13.32.27.80 13.32.27.80	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:7600:c:dd71:23c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
1 4	185.94.237.73 185.94.237.73	42567 (MOJHOST-EU) (MOJHOST-EU)
7	95.211.229.246 95.211.229.246	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
2	42.193.105.3 42.193.105.3	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:25e... 2600:9000:25e8:e600:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.120.113.109 3.120.113.109	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 12	2606:4700:311... 2606:4700:3110::6812:336a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	65.9.66.92 65.9.66.92	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:215... 2600:9000:2156:e400:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:311... 2606:4700:3110::6812:3eeb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700:311... 2606:4700:311f::6812:3f7e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:311... 2606:4700:311f::6812:3f84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	8.253.95.111 8.253.95.111	3356 (LEVEL3) (LEVEL3)
1	2600:9000:245... 2600:9000:2450:f800:c:2c8:3ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
17	2600:9000:248... 2600:9000:248c:8a00:8:b70:b740:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
102	26

1 2606:4700:3036::6815:3da4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xx.knit.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:3035::ac43:d429 (United States)

ASN13335 (CLOUDFLARENET, US)

xx.knit.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-80.fra56.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:7600:c:dd71:23c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.juicyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

a.pemsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.237.73 (Netherlands) 1 redirects

ASN42567 (MOJHOST-EU, NL)

poweredby.jads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

s.pemsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

js.wpnsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 42.193.105.3 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

stats.viagle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25e8:e600:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.113.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-113-109.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3110::6812:336a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

go.xlivrdr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creative.mnaspm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.mnaspm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.152.143.207 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-92.fra56.r.cloudfront.net

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2156:e400:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3110::6812:3eeb (United States)

ASN13335 (CLOUDFLARENET, US)

video.ktkjmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

i.jads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:311f::6812:3f7e (United States)

ASN13335 (CLOUDFLARENET, US)

stripchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:311f::6812:3f84 (United States)

ASN13335 (CLOUDFLARENET, US)

img.strpst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.253.95.111 (United States)

ASN3356 (LEVEL3, US)

edge-hls.doppiocdn.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2450:f800:c:2c8:3ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

edge-hls.doppiocdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:248c:8a00:8:b70:b740:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-hls-02.doppiocdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	knit.bid 1 redirects xx.knit.bid	4 MB
18	doppiocdn.net edge-hls.doppiocdn.net — Cisco Umbrella Rank: 30593 b-hls-02.doppiocdn.net — Cisco Umbrella Rank: 117443	2 MB
13	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4214 buttons-config.sharethis.com — Cisco Umbrella Rank: 4712 l.sharethis.com — Cisco Umbrella Rank: 4359 count-server.sharethis.com — Cisco Umbrella Rank: 10437 platform-cdn.sharethis.com — Cisco Umbrella Rank: 9006	58 KB
11	mnaspm.com creative.mnaspm.com — Cisco Umbrella Rank: 20506 go.mnaspm.com — Cisco Umbrella Rank: 15956	168 KB
11	pemsrv.com a.pemsrv.com — Cisco Umbrella Rank: 32630 s.pemsrv.com — Cisco Umbrella Rank: 26165	94 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 o.clarity.ms — Cisco Umbrella Rank: 7480 c.clarity.ms — Cisco Umbrella Rank: 1405	28 KB
6	jads.co 1 redirects poweredby.jads.co — Cisco Umbrella Rank: 36427 i.jads.co — Cisco Umbrella Rank: 80653	1 MB
2	stripchat.com stripchat.com — Cisco Umbrella Rank: 17120	4 KB
2	viagle.com stats.viagle.com	65 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	762 B
1	doppiocdn.org edge-hls.doppiocdn.org — Cisco Umbrella Rank: 34795	172 B
1	strpst.com img.strpst.com — Cisco Umbrella Rank: 10567	8 KB
1	ktkjmp.com video.ktkjmp.com — Cisco Umbrella Rank: 15253	668 B
1	xlivrdr.com 1 redirects go.xlivrdr.com — Cisco Umbrella Rank: 16268	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	251 B
1	wpnsrv.com js.wpnsrv.com — Cisco Umbrella Rank: 89405	6 KB
1	juicyads.com js.juicyads.com — Cisco Umbrella Rank: 54923	93 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	84 KB
102	18

	Domain	Requested by
23	xx.knit.bid	1 redirects xx.knit.bid
17	b-hls-02.doppiocdn.net	creative.mnaspm.com
9	platform-cdn.sharethis.com	xx.knit.bid
7	creative.mnaspm.com	s.pemsrv.com creative.mnaspm.com
7	s.pemsrv.com	xx.knit.bid a.pemsrv.com
4	go.mnaspm.com	creative.mnaspm.com
4	o.clarity.ms	www.clarity.ms
4	poweredby.jads.co	1 redirects xx.knit.bid poweredby.jads.co
4	a.pemsrv.com	xx.knit.bid
2	c.clarity.ms	1 redirects
2	stripchat.com	creative.mnaspm.com
2	i.jads.co	poweredby.jads.co
2	www.clarity.ms	xx.knit.bid www.clarity.ms
2	stats.viagle.com	xx.knit.bid stats.viagle.com
1	c.bing.com	1 redirects
1	edge-hls.doppiocdn.net	creative.mnaspm.com
1	edge-hls.doppiocdn.org	creative.mnaspm.com
1	img.strpst.com	xx.knit.bid
1	video.ktkjmp.com	creative.mnaspm.com
1	count-server.sharethis.com	platform-api.sharethis.com
1	go.xlivrdr.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	js.wpnsrv.com	xx.knit.bid
1	js.juicyads.com	xx.knit.bid
1	platform-api.sharethis.com	xx.knit.bid
1	www.googletagmanager.com	xx.knit.bid
102	28

This site contains links to these domains. Also see Links.

Domain
portrait.knit.bid
meitu.knit.bid

Subject Issuer	Validity	Valid
knit.bid E1	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
*.juicyads.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-12` - `2024-06-11`	a year	crt.sh
pemsrv.com R3	`2023-10-05` - `2024-01-03`	3 months	crt.sh
1473237775.rsc.cdn77.org R3	`2023-10-23` - `2024-01-21`	3 months	crt.sh
stats.viagle.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.jads.co Sectigo RSA Domain Validation Secure Server CA	`2022-12-26` - `2024-01-26`	a year	crt.sh
mnaspm.com GTS CA 1P5	`2023-10-20` - `2024-01-18`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
video.ktkjmp.com Cloudflare Inc ECC CA-3	`2023-07-02` - `2024-07-01`	a year	crt.sh
stripchat.com Cloudflare Inc ECC CA-3	`2023-01-31` - `2024-01-31`	a year	crt.sh
img.strpst.com Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
*.doppiocdn.org Sectigo RSA Domain Validation Secure Server CA	`2023-08-21` - `2024-09-20`	a year	crt.sh
*.doppiocdn.net Amazon ECDSA 256 M01	`2023-09-05` - `2024-10-03`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://xx.knit.bid/
Frame ID: 40312E16C09D19B54D7A584034A078C5
Requests: 58 HTTP requests in this frame

Frame: https://s.pemsrv.com/iframe.php?url=H4sIAAAAAAAAAyWRT2.bQBDFvw3HeGfXuwOVrFxd4WK3ECBcqtl_SVMwywJtFPXDF8eXp6d5mt87vNdlCfOX3e5lfHjvf_2JNj6YcdjNA8UljGGHqJzgjix3wqeZcilnglNmyWRkhFZapRpwbzJQSjquvIGUhHeIhMZmj.vs4ld7AM_JKpFqDUo45jloyKwyWhsrUya1VE6jBrclAKgVSHS0PQFkIE2WzOMajdtIe5XinvFkcIP.RI_BXoruWBTV8VLo44VQG5w2zbtONPUTQFOxtbdFe8on1dTwtMQpiGoNvc1VzeKU0zTleXct19ulYzG0N_vtFobreYHrEPbLdejD8DH2K5vXni0z7wPEcRjA5rIcf363wxtDfq8h19Qfd8pnxd0W3elU1D.q7hld1OVKmlp9Fg35mzp8K9vWiapUjfzrn5MABymYZFIl9H5gyRLJ_D57f4B_EoEZzLZNPCIXiIYo5aAsV5YQ0__0c69P1wEAAA--
Frame ID: 8C68E8615868C48EFA11882F254E0629
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1032632
Frame ID: F3C3918EBF969205BE9AD26A9BA179BC
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1032632
Frame ID: 92402FC22C1D605F69A0226875CAE278
Requests: 2 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1032726
Frame ID: 10C7958140AFA2B85EB60798FBDED1E4
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1032726
Frame ID: AB00A4F3DEE235FC0784243DF8EC5250
Requests: 2 HTTP requests in this frame

Frame: https://creative.mnaspm.com/LPOmega?action=sbSignupWithModel&ax=0&campaignId=776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9&campaignType=smartpop&creativeId=47df8ac6172a002efc9148d4edcb886af0647b890930dd6c15d0a48205704c69&iterationId=764570&masterSmartpopId=1738&memberId=opdPNZHNNTHPNbHPa7bc7qa7bKZZ3WVU11WT0uldNXLKq6WV1Utrqp3TupldK6V0rqKaqqKKZnSuldK6Z0rpXSuldM6V0rpnOt1nmp4tnmlpmzolu0sul0ts2lp1romm1dK5So_Qdmj072dNXLKqaeWVzpXSuldK6V0rpXSuldNZLLNVRTZY7erbSuabaXbO3WafbO3We7jSXXe3TS6W5wfY&p1=5305056&quality=240p&ruleId=12&smartpopId=7200&sourceId=4687402&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32240
Frame ID: 6574F96D3FD9CFA96F792D819A47DA21
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

爱妹子

Page URL History Show full URLs

http://xx.knit.bid/ HTTP 301
https://xx.knit.bid/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

102
Requests

94 %
HTTPS

63 %
IPv6

18
Domains

28
Subdomains

26
IPs

5
Countries

6962 kB
Transfer

8185 kB
Size

21
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://portrait.knit.bid/
Title: 秀人模特套图

Search URL Search Domain Scan URL

URL: https://meitu.knit.bid/
Title: 美图网

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xx.knit.bid/ HTTP 301
https://xx.knit.bid/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://poweredby.jads.co/js/jads.js HTTP 301
https://poweredby.jads.co/js/jads2.js

Request Chain 48

https://go.xlivrdr.com/smartpop/776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&sourceId=4687402&memberId=opdPNZHNNTHPNbHPa7bc7qa7bKZZ3WVU11WT0uldNXLKq6WV1Utrqp3TupldK6V0rqKaqqKKZnSuldK6Z0rpXSuldM6V0rpnOt1nmp4tnmlpmzolu0sul0ts2lp1romm1dK5So_Qdmj072dNXLKqaeWVzpXSuldK6V0rpXSuldNZLLNVRTZY7erbSuabaXbO3WafbO3We7jSXXe3TS6W5wfY&p1=5305056&ax=0&trackOff=1 HTTP 302
https://creative.mnaspm.com/LPOmega?action=sbSignupWithModel&ax=0&campaignId=776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9&campaignType=smartpop&creativeId=47df8ac6172a002efc9148d4edcb886af0647b890930dd6c15d0a48205704c69&iterationId=764570&masterSmartpopId=1738&memberId=opdPNZHNNTHPNbHPa7bc7qa7bKZZ3WVU11WT0uldNXLKq6WV1Utrqp3TupldK6V0rqKaqqKKZnSuldK6Z0rpXSuldM6V0rpnOt1nmp4tnmlpmzolu0sul0ts2lp1romm1dK5So_Qdmj072dNXLKqaeWVzpXSuldK6V0rpXSuldNZLLNVRTZY7erbSuabaXbO3WafbO3We7jSXXe3TS6W5wfY&p1=5305056&quality=240p&ruleId=12&smartpopId=7200&sourceId=4687402&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32240

Request Chain 84

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E7BE06D45E3543CDBE81A3A473ABCCA0&RedC=c.clarity.ms&MXFR=10D0CB23D0DB644D29B7D8E8D4DB6AF7 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E7BE06D45E3543CDBE81A3A473ABCCA0&MUID=23F52C6B082C6F2D23323FA009FE6ED5

102 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
xx.knit.bid/
Redirect Chain

http://xx.knit.bid/
https://xx.knit.bid/

29 KB
10 KB

790ms
682ms

Document
text/html

2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xx.knit.bid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a2280c7626d95a71ad10ee70e3342f48fd6af170440848110c96cb191cab7cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=21600
cf-cache-status: DYNAMIC
cf-ray: 82713cd83ac70e00-AMS
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Thu, 16 Nov 2023 16:51:16 GMT
expires: Thu, 16 Nov 2023 22:39:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcGhvXIsnRDS2O%2BWcb4rmy1exV%2F2crWNm%2FrAOOqnPr%2BthRVxLglZbE8j6Rb3aCbYZo8FV5Edth6tUPm%2Bbrt9BIOoiMTwhD9vdjyiNJ9XBUsR04xMwz0uKHiTlfWWd%2FEww71PksIhDHkChA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: is_mobile, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

CF-RAY: 82713cd6fda85a8d-IAD
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 16 Nov 2023 16:51:15 GMT
Expires: Thu, 16 Nov 2023 17:51:15 GMT
Location: https://xx.knit.bid/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noFJKJ1QsB99SkSnZ1xswsytUIKbNYOhknl2XbUCy7TyfNG1Bj1mL6zWajY8nJXdx5oVMlAgpCNmaawaWBYpUemkthr%2B3QF1T5Zq1b4kxyz6%2BnOf48REUnerW8Zoep%2F5XKed6Nrjgcv91A%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
xx.knit.bid/static/zde/css/ 57 KB
12 KB 94ms
56ms Stylesheet
text/css 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xx.knit.bid/static/zde/css/style.css?v=1.0
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47d0f3f01a60c090109b58cc523c0996c17a81843cd5fa33da918a48704ad205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1259540
cf-polished: origSize=69737
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 14 Sep 2023 00:39:13 GMT
server: cloudflare
etag: W/"65025631-11069"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGLZP8pInSCMxftzLwjiZ6FFKTLAfUMVp9gft6I2jvsueNfc3MW%2Bo2vbLAys0BwqgfARLCPG4z%2Fr862yEp5y3r0lNTFhslsV%2BJ2G2t%2FIfiTqyouvWKgXzhRe9%2F51qp9MdzhrvnfGU2fnSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 82713cdfabcb0e00-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.js Show response
xx.knit.bid/static/zde/js/ 94 KB
34 KB 138ms
101ms Script
application/javascript 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xx.knit.bid/static/zde/js/jquery.js
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c75cdc4ff797e03e2dec2e779dbfdc8ad18e3cbd4043aa20c5901bcb489f2f5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 565233
cf-polished: origSize=96380
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Mar 2022 04:27:23 GMT
server: cloudflare
etag: W/"62340a2b-1787c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jP%2BL2t%2BWSWdCjzbTJ7hYSjToo0PpGPBbKLKS4bzVik9qVuA9%2FddQABCwXJwov%2FZoPLh5sTmvqpAW4JoqIEOwUMwtB4ukRdjTxrmYNle4E%2B4zv%2BtDO5VUTs2ZAwxq0hsjkKn9L33sv6XFuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 82713cdfabce0e00-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.js Show response
xx.knit.bid/static/zde/js/ 60 KB
20 KB 149ms
113ms Script
application/javascript 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xx.knit.bid/static/zde/js/main.js
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d49916f545fc4c71c2e71494bb506864d2e34491ed657540141e9f1b802c208

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1308812
cf-polished: origSize=67081
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 21 May 2022 11:03:42 GMT
server: cloudflare
etag: W/"6288c70e-10609"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksT81NhIYdZdSLEUxSfv569Lq7iAxmN%2F%2Bc7pkLfkTzbfLcskcnmiNSNw6P7q2Z9Uf0gOiYz1aa3ekT3pno4XNMUcEtuIrVx7B9VwFIAwfUDkMyfx1LPfSDDSXXjYNP02G%2BbxPu4EyPTQ5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 82713cdfabd00e00-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 173ms
35ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PEWFD7GRGP

Requested by

Host: xx.knit.bid
URL: https://xx.knit.bid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b413a7b9e7f7e4e6b9a3a768e652c2af8ce28c05f1227dd0a919a3135a90e04c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85299
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 16:51:17 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 208 KB
47 KB 161ms
22ms Script
text/javascript 13.32.27.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: xx.knit.bid
URL: https://xx.knit.bid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-80.fra56.r.cloudfront.net

Software

Resource Hash

f6c72789b4be7183c5626eed5975d7c22403d4a8ceb73db591128f7fabdbe9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:47:17 GMT
content-encoding: gzip
via: 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
age: 240
etag: W/"33fbe-N51ttSXIC05eae0N3/gGTPPbUMQ"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: 11FNkiIjf84_K0yav2v20Ir60MSJTu505H1HzTtxzkb5bBv7esDhbw==

GET
H2 200 jp.php Show response
js.juicyads.com/ 92 KB
93 KB 180ms
26ms Script
application/javascript 2600:9000:2057:7600:c:dd71:23c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.juicyads.com/jp.php?c=34e4x2w2u224u4q2x2744384a4&u=http%3A%2F%2Fwww.juicyads.rocks
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7600:c:dd71:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4bde3e294ce46d20645f2be4d737ac84a77ebd479eb5d52ff5e23b00cc330821

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: cache
date: Thu, 16 Nov 2023 16:40:42 GMT
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
age: 635
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
x-amz-cf-id: ROxQ6CgFASgBzg5UGOHN49GTLN2LC9wZSmd-HLtfgTY7HciyFHfe5A==
expires: Thu, 16 Nov 2023 16:55:42 GMT

GET
H2 200 ad-provider.js Show response
a.pemsrv.com/ 119 KB
33 KB 63ms
57ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pemsrv.com/ad-provider.js
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 00aa377d83f3d66a15bf2a20806c917d278a3487421b37c3768bcf4673975bbb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 16 Nov 2023 16:51:17 GMT
content-encoding: gzip
x-age-lb: 6582
x-77-cache: HIT
x-accel-date: 1700146895
x-77-nzt: AsO1qhE3Nzf/thkAANRmOAk3Nzf/FQAAAA
x-accel-expires: @1700157674
x-77-age: 6603
x-cache-lb: HIT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
server: CDN77-Turbo
etag: W/"6eea5ba907cf8a59f1715f8055e"
x-77-nzt-ray: 4c1562243ea90b2d8548566568684c11
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=10800
x-robots-tag: noindex, follow
expires: Thu, 16 Nov 2023 18:01:14 GMT

GET
H/1.1

200
OK

jads2.js Show response
poweredby.jads.co/js/
Redirect Chain

https://poweredby.jads.co/js/jads.js
https://poweredby.jads.co/js/jads2.js

4 KB
2 KB

113ms
29ms

Script
application/x-javascript

185.94.237.73
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/js/jads2.js
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: HTTP/1.1
Server: 185.94.237.73 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 16:51:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Sep 2023 21:26:09 GMT
Server: nginx
ETag: W/"650b6371-eae"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: close

Redirect headers

Location: jads2.js
Date: Thu, 16 Nov 2023 16:51:17 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 fp-interstitial.js Show response
a.pemsrv.com/ 18 KB
6 KB 151ms
41ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pemsrv.com/fp-interstitial.js
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c5201467c1cef671cc4597377ae3fdb2a870317fb0ac9d09aed5abbab2263142

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 16 Nov 2023 16:51:17 GMT
content-encoding: gzip
x-age-lb: 6599
x-77-cache: HIT
x-accel-date: 1700146878
x-77-nzt: AsO1qhE3Nzf/xxkAANRmOAk3Nzf/BQAAAA
x-accel-expires: @1700157673
x-77-age: 6604
x-cache-lb: HIT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
server: CDN77-Turbo
etag: W/"1e07b6de299b9dd596432bfa881"
x-77-nzt-ray: 4c1562243ea90b2d85485665db509e09
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *, *
cache-control: max-age=10800
access-control-allow-credentials: true
x-robots-tag: noindex, follow
expires: Thu, 16 Nov 2023 18:01:13 GMT

GET
H/1.1 200
OK splash.php Show response
s.pemsrv.com/ 0
414 B 157ms
30ms Script
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pemsrv.com/splash.php?idzone=4698000
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 16:51:17 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Robots-Tag: noindex, follow

GET
H2 200 pn.php Show response
js.wpnsrv.com/ 18 KB
6 KB 148ms
41ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpnsrv.com/pn.php
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b5c0a71e77e127da8090462b75b686d7911e43521efc6b1e1143b34b702ef2dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 16 Nov 2023 16:51:17 GMT
content-encoding: gzip
x-age-lb: 7656
x-77-cache: HIT
x-accel-date: 1700145821
x-77-nzt: AZySIYs3Nzf/6B0AAA
x-accel-expires: @1700156621
x-77-age: 7656
x-cache-lb: HIT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
server: CDN77-Turbo
etag: W/"660e525a93a5feecd899736db83"
x-77-nzt-ray: cf8787277649de0185485665314a3909
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=10800
x-robots-tag: noindex, follow
expires: Tue, 24 Oct 2023 14:40:42 GMT

GET
H2 200 imeizi.png
xx.knit.bid/static/ 6 KB
6 KB 95ms
61ms Image
image/png 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xx.knit.bid/static/imeizi.png
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262246c94851c15d96f64215357156c914d03972c78bad1f04c94a95fd6ce36e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1423206
alt-svc: h3=":443"; ma=86400
content-length: 5830
last-modified: Fri, 18 Mar 2022 04:27:23 GMT
server: cloudflare
etag: "62340a2b-16c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1CQ1z96%2BgBuF%2Bmq%2FzfQm3rwwf8GTq9rhV2mARQu1znsTUUd8sbVmSzVUmgTmBN%2BTYc02kf2U5smr62fRzSeUxTHLKKKMIzUYE5yDje48i8Q9ptiA7n5H3YKiiPUWZxvz%2Bh6HI0KHJJN%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82713cdfabd10e00-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hot_search.png
xx.knit.bid/static/ 9 KB
10 KB 129ms
96ms Image
image/png 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xx.knit.bid/static/hot_search.png
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0480b6f6a36deec92f5a399314346bd87c92aff04accb105d790bf060f29bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1308811
alt-svc: h3=":443"; ma=86400
content-length: 9720
last-modified: Wed, 13 Sep 2023 15:55:41 GMT
server: cloudflare
etag: "6501db7d-25f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWL6Ga6Y%2BJsyiDT1n8ZVIcNT4wplZDxLjIbVw29Vx03Ca8o9itOM8tznI3hkxb%2FN2Y3aQIPux8hjrSlXsJbn6FvmFF4Q2vak8%2BcVB6E178aTvTZcTeW7UHZmE3rsPyZZzu9xI0B%2BDVDiww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82713cdfabd20e00-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nativeads-v2.js Show response
a.pemsrv.com/ 44 KB
13 KB 34ms
25ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pemsrv.com/nativeads-v2.js
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6ba319dac56d65ec95c5a9fde9e8f0a2e9115b9f537acabf05619fd43f124c47

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 16 Nov 2023 16:51:17 GMT
content-encoding: gzip
x-age-lb: 6293
x-77-cache: HIT
x-accel-date: 1700147184
x-77-nzt: AsO1qhE3Nzf/lRgAANRmOAk3Nzf/HgEAAA
x-accel-expires: @1700157698
x-77-age: 6579
x-cache-lb: HIT
accept-ch
server: CDN77-Turbo
etag: W/"0a1ec9ea204c9e9d24de01b9c69"
x-77-nzt-ray: 4c1562243ea90b2d854856657244fe0a
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=10800
x-robots-tag: noindex, follow
expires: Thu, 16 Nov 2023 18:01:38 GMT

GET
H2 200 hot.png
xx.knit.bid/static/zde/ 6 KB
6 KB 53ms
46ms Image
image/png 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xx.knit.bid/static/zde/hot.png
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47cbf32b4f3734490b2ed23721a49f9dd33918d65a748f0fe4d2d5d9698fdfb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1259551
alt-svc: h3=":443"; ma=86400
content-length: 6173
last-modified: Fri, 18 Mar 2022 04:27:23 GMT
server: cloudflare
etag: "62340a2b-181d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hiyfNzXeNhOLO%2Bx%2FUF0PGM19mTIie08xhDAjER%2B%2FrN%2F5mBfYDdvTbEaDr983isS0Ym5vhXEnn1Qe%2BB5s8I3jL13Z%2BcpmOhDk%2FdBeqomkYDMfTIabXaXidYToyIEbUxDOFStg98VPmRBz4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82713ce07cee0e00-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 email-decode.min.js Show response
xx.knit.bid/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 38ms
36ms Script
application/javascript 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xx.knit.bid/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: xx.knit.bid
URL: https://xx.knit.bid/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 16:16:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654bb442-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5VGDFJt0KvTq7q262WK4N3yF5pE%2BwBE038U6yNJYXif2aIrcQZxC0MuF6k4acdcDz4LWWtf%2BKbvIi%2FJuPa2CD1Opn4D22%2BZ40BKjuQm%2F1euvp6xIpxVhDfReE2pklJBmPTXJICSb69Kcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 82713ce0aac80a77-AMS
expires: Sat, 18 Nov 2023 16:51:17 GMT

GET
H3 200 adview_pic_cpc_cpm_cpa_guanggao_gg_ads_300x250.js Show response
xx.knit.bid/static/zde/js/ 17 B
550 B 60ms
58ms Script
application/javascript 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xx.knit.bid/static/zde/js/adview_pic_cpc_cpm_cpa_guanggao_gg_ads_300x250.js
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 062000299c8472b7297db39153761686b4215b2d37a1341b55f86c8948dde442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 683439
cf-polished: origSize=19
alt-svc: h3=":443"; ma=86400
content-length: 17
cf-bgj: minify
last-modified: Sun, 17 Sep 2023 04:19:22 GMT
server: cloudflare
etag: "65067e4a-13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVBVGDfrBFw2Q3R%2B3ZUPa6z3OqFls7fwtjf8crZNGMvlIzKxBZIa%2F6ursAJJRRIM5X0xTx9Q3oan0%2BMVxcKEbr%2BpChGR4VT%2Bt6fRG%2F%2BuI9wCCnWLEn2DzTMLjj2iz80erYwbTEqRfxLpOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82713ce0db200a77-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 matomo.js Show response
stats.viagle.com/ 64 KB
65 KB 1765ms
654ms Script
application/javascript 42.193.105.3
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.viagle.com/matomo.js
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.193.105.3 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Thu, 16 Nov 2023 16:51:18 GMT
last-modified: Tue, 01 Aug 2023 09:51:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64c8d5a9-10132"
content-type: application/javascript
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 65842
expires: Thu, 16 Nov 2023 17:51:18 GMT

GET
H2 200 cwa6886520 Show response
www.clarity.ms/tag/ 650 B
1014 B 270ms
132ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/cwa6886520?ref=bwt
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 406ca8a51dfe94477c1b28b0626916a5c551c44706b6699f5a466f7a923bda20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: -1
date: Thu, 16 Nov 2023 16:51:17 GMT
x-azure-ref: 20231116T165117Z-ttxx6t00kx7w5d6xe0kzza1ar400000007v0000000010k1s
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 popunder1000.js Show response
a.pemsrv.com/ 97 KB
37 KB 31ms
31ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pemsrv.com/popunder1000.js
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2efc5c63fa2e3fd027f662856e9b133645b7ba58793ade93cca224847aab5a39

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 16 Nov 2023 16:51:17 GMT
content-encoding: gzip
x-age-lb: 6600
x-77-cache: HIT
x-accel-date: 1700146877
x-77-nzt: AsO1qhE3Nzf/yBkAANRmOAk3Nzf/AwAAAA
x-accel-expires: @1700157674
x-77-age: 6603
x-cache-lb: HIT
accept-ch
server: CDN77-Turbo
etag: W/"fed71b2f3e4c81db832607895ed"
x-77-nzt-ray: 4c1562243ea90b2d8548566588039e14
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=10800
x-robots-tag: noindex, follow
expires: Thu, 16 Nov 2023 18:01:14 GMT

GET
H/1.1 200
OK splash.php Show response
s.pemsrv.com/ 1008 B
1 KB 70ms
42ms XHR
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pemsrv.com/splash.php?idzone=4687402&orientation=landscape&screen_resolution=1600x1200&p=https%3A%2F%2Fxx.knit.bid%2F&cookieconsent=true
Requested by: Host: a.pemsrv.com
URL: https://a.pemsrv.com/fp-interstitial.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2908526087368bd7de00bc81b5f6406774e2023e3cdbcd99027e80322eb25eae

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-CH-VALUES: {"architecture":"","bitness":"","brands":[],"fullVersionList":[],"mobile":false,"model":"","platform":"","platformVersion":""}

Response headers

Date: Thu, 16 Nov 2023 16:51:17 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://xx.knit.bid
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, follow
Access-Control-Allow-Headers: X-CH-VALUES

GET splash.php
s.pemsrv.com/ 0
0

OPTIONS
H/1.1 200
OK splash.php
s.pemsrv.com/ Frame 0
0 124ms
61ms Preflight
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pemsrv.com/splash.php?idzone=4687402&orientation=landscape&screen_resolution=1600x1200&p=https%3A%2F%2Fxx.knit.bid%2F&cookieconsent=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-ch-values
Access-Control-Request-Method: GET
Origin: https://xx.knit.bid
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-CH-VALUES
Access-Control-Allow-Origin: https://xx.knit.bid
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Nov 2023 16:51:17 GMT
Server: nginx
Transfer-Encoding: chunked
X-Robots-Tag: noindex, follow

OPTIONS
H/1.1 200
OK splash.php
s.pemsrv.com/ Frame 0
0 92ms
29ms Preflight
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pemsrv.com/splash.php?native-settings=1&idzone=4642630&cookieconsent=true&&p=https%3A%2F%2Fxx.knit.bid%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-ch-values
Access-Control-Request-Method: GET
Origin: https://xx.knit.bid
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Nov 2023 16:51:17 GMT
Server: nginx
Transfer-Encoding: chunked
X-Robots-Tag: noindex, follow

GET
H3 200 ffe50003603b82c7d4cd.jpg
xx.knit.bid/static/images/2021/01/26/%5B%E5%97%B2%E5%9B%A1%E5%9B%A1FEILIN%5D%20VOL.348%20%E5%B0%8F%E8%9B%AE%E5%A6%96Yummy/ 132 KB
132 KB 582ms
566ms Image
image/jpeg 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xx.knit.bid/static/images/2021/01/26/%5B%E5%97%B2%E5%9B%A1%E5%9B%A1FEILIN%5D%20VOL.348%20%E5%B0%8F%E8%9B%AE%E5%A6%96Yummy/ffe50003603b82c7d4cd.jpg
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b1f7f6fce1d5535f562a9b7750abc666a9b0a279b614e6e29a25ae7576b72ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
cf-cache-status: HIT
last-modified: Sun, 03 Apr 2022 01:53:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6248fe37-20fd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBg66CyRuQD0smxA4tB2opM7YxkqZU%2Bqf7yT2c9b4FZLjv%2Bv4iIeKfviGcFv9JynkWCkmlIfrWtmHnH3yM1Q%2B9PSoUbUereBBE5bpTjUXVOx5hDQC4R5fa2vEaw1JnbsZLtRxoBf1CoGGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82713ce19c510a77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 135127
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1089ya4agr4mool.jpg
xx.knit.bid/static/images/2022/06/28/%E5%A5%B6%E6%A1%83%20-%20%E6%9E%AA%E5%87%9B%E5%90%8C%E4%BA%BA%E5%85%94%E5%A5%B3%E9%83%8E/ 30 KB
30 KB 210ms
193ms Image
image/jpeg 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xx.knit.bid/static/images/2022/06/28/%E5%A5%B6%E6%A1%83%20-%20%E6%9E%AA%E5%87%9B%E5%90%8C%E4%BA%BA%E5%85%94%E5%A5%B3%E9%83%8E/1089ya4agr4mool.jpg
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7caefc937477979372cb63cec3c19fe4baf356464ff42003d8a904e9ade00c1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Sep 2023 06:31:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6509402a-76a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXtBIYXnHNcYQ4QincW8dcxqM49H978WFcREZG%2BtKm8BNIrQKW8KSOpWKsFGSRmj%2BK8SIZ5qEYmVAgfShrf72jFOgZZdHrWAmb06bKVB4QnUIOSxSwaV6FYXLujYbPShM4DtaK7i4MncHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82713ce19c550a77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 30377
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1621101797zuQa.jpg
xx.knit.bid/static/images/2021/05/16/%E6%80%A7%E6%84%9F%E6%97%97%E8%A2%8D%E7%BE%8E%E5%B0%91%E5%A6%87%E8%AF%B1%E6%83%91%E8%82%89%E4%B8%9D%E8%A2%9C%E7%BE%8E%E8%85%BF%E9%AB%98%E8%B7%9F%E5%A5%97%E5%9B%... 260 KB
261 KB 252ms
235ms Image
image/jpeg 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xx.knit.bid/static/images/2021/05/16/%E6%80%A7%E6%84%9F%E6%97%97%E8%A2%8D%E7%BE%8E%E5%B0%91%E5%A6%87%E8%AF%B1%E6%83%91%E8%82%89%E4%B8%9D%E8%A2%9C%E7%BE%8E%E8%85%BF%E9%AB%98%E8%B7%9F%E5%A5%97%E5%9B%BE%E9%A3%8E%E9%AA%9A%E6%92%85%E8%87%80%E8%AF%B1%E6%83%91/1621101797zuQa.jpg
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e29f64518ff4aac2abdebd82ee2a9dd9da47bab6b689e4beff327246f7744411

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
cf-cache-status: HIT
last-modified: Sun, 27 Mar 2022 03:35:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "623fdb8e-410de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cey%2FpnuqtphOZI%2B%2FB0NQnNtw4trMGpNGxQDFRBqRXL3VnBC%2Bp0Ja9Jm6Br1HJxHSTrYerxfa8cOjryWGXySqb4kXtvPJpzC49uIiMMj4ucYu2LHu14daS16HodxVPPSVCkDFOMlpPvkAaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82713ce19c570a77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 266462
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 369063joihywcqqbp.jpg
xx.knit.bid/static/images/2023/09/15/HaneAme%20%E9%9B%A8%E6%B3%A2%C2%A0%C2%A0%E8%94%9A%E8%93%9D%E6%A1%A3%E6%A1%88%20%E7%BE%BD%E5%B7%9D%E8%8E%B2%E5%AE%9E/ 23 KB
23 KB 1021ms
1005ms Image
image/jpeg 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xx.knit.bid/static/images/2023/09/15/HaneAme%20%E9%9B%A8%E6%B3%A2%C2%A0%C2%A0%E8%94%9A%E8%93%9D%E6%A1%A3%E6%A1%88%20%E7%BE%BD%E5%B7%9D%E8%8E%B2%E5%AE%9E/369063joihywcqqbp.jpg
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3490880ab44334af9e221e2c948e80a5e891a7fdb0fca15d863471cd41d92b15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Sep 2023 01:47:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6508fd9d-5b44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MvA8i7U0YJ5ye1sm2iglZhV9o%2F3V4wR14Q7dGNTdhevYjtEpB0oy3MJKS8I240DbMSJ8FZjzspnuMPox1qvxSR1kCmQ5owSlBN0uMyKmimyA%2B%2FB2hOztD5UmDqpJMSC%2FZfClH6IgARcDdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82713ce19c590a77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 23364
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 13233152013.jpg
xx.knit.bid/static/images/2021/03/03/%5B%E7%A7%80%E4%BA%BAXiuRen%5D%20No.2614%20%E5%AE%89%E7%84%B6Maleah/ 351 KB
351 KB 1047ms
1033ms Image
image/jpeg 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xx.knit.bid/static/images/2021/03/03/%5B%E7%A7%80%E4%BA%BAXiuRen%5D%20No.2614%20%E5%AE%89%E7%84%B6Maleah/13233152013.jpg
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 650249d89ae33e6e47586097ab9aa8bb21a9683470cec730d207006cac30c9cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Apr 2022 20:26:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6248b181-57b0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsNy7qVcCq5Bt5m6TM5uZRokRX03YhNz6LZWJqfRV3PNWOdqTLdz2uoTDaJ57wAoe3H1ksrS2j494rQTm1CtwKtj%2BclB8H6%2BJiATseGMQstSmNyumg7F0S4HP3Re1cQI3mfRwu1RGTvnsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82713ce19c620a77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 359182
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 138430002f7db0a639125.jpg
xx.knit.bid/static/images/2021/02/09/%5B%E7%BD%91%E7%BA%A2COSER%5D%20%E6%97%A5%E6%9C%AC%E7%94%9C%E7%BE%8ECOSER%E3%81%91%E3%82%93%E3%81%91%E3%82%93%5Bfantia%5D%202020.06%20%E3%82%B9%E3%83%9D%E3%83%9... 370 KB
371 KB 1572ms
1558ms Image
image/jpeg 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xx.knit.bid/static/images/2021/02/09/%5B%E7%BD%91%E7%BA%A2COSER%5D%20%E6%97%A5%E6%9C%AC%E7%94%9C%E7%BE%8ECOSER%E3%81%91%E3%82%93%E3%81%91%E3%82%93%5Bfantia%5D%202020.06%20%E3%82%B9%E3%83%9D%E3%83%96%E3%83%A9/138430002f7db0a639125.jpg
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5a9d7eb994d170e5560b8cfafa08be24b95541b4aba1264d0836aae9b36aa6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Apr 2022 20:40:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6248b4b8-5c9a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOBQNpMXeat0vO2n80YqrKVVGShPg3m9IRPqIPYeRCu97S9nbkOy41HUhhJfPLMq1oXZPZX17Qh8dI5%2FgQRLRWbsPp6S3WAwmF%2FuWwFqhrkenVS2ylGR%2FSZpPhVb0KGTV4FfFne1y%2FXOaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82713ce19c660a77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 379298
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1608052032zmiL.jpg
xx.knit.bid/static/images/2020/12/16/Beautyleg%E6%80%A7%E6%84%9F%E8%85%BF%E6%A8%A1Kaylar%E6%9E%81%E8%87%B4%E9%95%BF%E8%85%BF%E8%82%89%E4%B8%9D%E8%A2%9C%E9%AB%98%E8%B7%9F%E5%86%99%E7%9C%9F/ 459 KB
460 KB 1963ms
1949ms Image
image/jpeg 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xx.knit.bid/static/images/2020/12/16/Beautyleg%E6%80%A7%E6%84%9F%E8%85%BF%E6%A8%A1Kaylar%E6%9E%81%E8%87%B4%E9%95%BF%E8%85%BF%E8%82%89%E4%B8%9D%E8%A2%9C%E9%AB%98%E8%B7%9F%E5%86%99%E7%9C%9F/1608052032zmiL.jpg
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac322d43668f6d3a4d376c2832bb6332455f306f7329eea549dbd12ae0756201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Mar 2022 22:33:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6242379c-72b6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfXEpZkDbGSjPImKx6o2%2BAsaF5%2B1G2V4S8YQ4zxnbjEY5ebDhx%2FvaUDswnCCOApOqfbWuR8NdgBTR11kXM80YFFpixykdokxaetUBT%2FmBiAM8MIXCraxvXbPaXFztqJpshrb4DmAxsQvUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82713ce19c680a77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 469868
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 13326484630.jpg
xx.knit.bid/static/images/2021/03/24/%5B%E6%A8%A1%E8%8C%83%E5%AD%A6%E9%99%A2MFStar%5D%20Vol.428%20%E5%A8%9C%E6%AF%94/ 343 KB
344 KB 2562ms
2547ms Image
image/jpeg 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xx.knit.bid/static/images/2021/03/24/%5B%E6%A8%A1%E8%8C%83%E5%AD%A6%E9%99%A2MFStar%5D%20Vol.428%20%E5%A8%9C%E6%AF%94/13326484630.jpg
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1c30fb4ba9fa570b5195d637f97ecb5831899921416468d655019b31fbca796

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Apr 2022 19:40:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6248a6bb-55c90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEfmxMLk9vzPVyMdZL3RHUV8ztBm6ZA9MeSLJ8mpeo2CaQonpIBxnX9N4fxY2SbqloanxrivP1R5sBElhp4e3GxRN8haNalSdTVWmhbc8Lbmi3Bk%2F7nPpWh07L4%2FRXkOVkAERqkfGn60BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82713ce19c690a77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 351376
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fea10002078e2553be37.jpg
xx.knit.bid/static/images/2020/12/23/%5B%E7%BE%8E%E5%AA%9B%E9%A6%86MyGirl%5D%20Vol.378%20%E7%B3%AF%E7%BE%8E%E5%AD%90Mini/ 223 KB
224 KB 2770ms
2754ms Image
image/jpeg 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xx.knit.bid/static/images/2020/12/23/%5B%E7%BE%8E%E5%AA%9B%E9%A6%86MyGirl%5D%20Vol.378%20%E7%B3%AF%E7%BE%8E%E5%AD%90Mini/fea10002078e2553be37.jpg
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 737beab6bf3b04eafbafdb40b2b07834d75188e28a15d8724572c7d037c72f18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
cf-cache-status: HIT
last-modified: Mon, 04 Apr 2022 15:01:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "624b0859-37bdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RNft6ZJ%2B7NFBhlJ7u1y0arj6jFWjrBo2WQMVfwaqUUeXEbQrRNMzvCAftuLfj5wgqNVSwKyu%2BRXiS7Pd3ic3d79DHIdlPyAKFtIQ%2F9KuPqws%2BhrotS%2Bg8xxpIgImDdojTURbN%2F9M6fNHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82713ce1ac6c0a77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 228316
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 374e320aaaa7834835244.jpg
xx.knit.bid/static/images/2019/11/11/%5BMISSLEG%E8%9C%9C%E4%B8%9D%5D%20%20%E4%B9%94%E4%BE%9D%E7%90%B3%E3%80%8A%E6%9D%9F%E7%BC%9A%E3%80%8B50P/ 1 MB
1 MB 62ms
47ms Image
image/jpeg 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xx.knit.bid/static/images/2019/11/11/%5BMISSLEG%E8%9C%9C%E4%B8%9D%5D%20%20%E4%B9%94%E4%BE%9D%E7%90%B3%E3%80%8A%E6%9D%9F%E7%BC%9A%E3%80%8B50P/374e320aaaa7834835244.jpg
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78817c74d023c1f24fba184f7ff2ee9fb8c1e709c71fedc15e465814001998e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83443
alt-svc: h3=":443"; ma=86400
content-length: 1181285
last-modified: Sat, 16 Oct 2021 02:36:15 GMT
server: cloudflare
etag: "616a3a9f-120665"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGqVQHsiysXVSjhtiN8ajYkTq0KSVrt8G2ExxDzkWl82IOl2Ox6sy2uA7Wm4lXCh5PVP7LGzDNJQxo4LZJBZM6ay6XZ%2FFE2TYNZu9ibkjPLwfbwHRezuc6Z30DQtFhmVGFD9vznQqIracA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82713ce1ac6d0a77-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 32nd4ogi2vd11.jpg
xx.knit.bid/static/images/2022/12/13/G%26G%20aka%20Alle/ 15 KB
16 KB 3713ms
3698ms Image
image/jpeg 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xx.knit.bid/static/images/2022/12/13/G%26G%20aka%20Alle/32nd4ogi2vd11.jpg
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 305e8fac701ba76dad56c85151ebe36149d683c8e8d34356d4bb66b9e82a01f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Sep 2023 04:49:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65092847-3c93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GODJszxRJsz99V1zsvX4EwrR5LAozMgztrSWhgPNjCGFJXd%2FxpRYC3wZFj5wcjBwiJ3Z7YcBA9j7BEv5lUcvzXEOG3WBDfofx7TYnJzMxnDTieUMVzKSZAqNkWXSormT%2FzSLhrqPkV5jrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82713ce1ac6e0a77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15507
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1581307178h8yP.jpg
xx.knit.bid/static/images/2020/02/10/%E6%80%A7%E6%84%9F%E6%A8%A1%E7%89%B9%E5%AE%8BKiKi%E7%8E%B2%E7%8F%91%E7%9A%84%E6%9B%B2%E7%BA%BF%E8%AF%B1%E4%BA%BA%E7%9A%84%E8%BA%AB%E6%9D%90/ 179 KB
179 KB 3713ms
3698ms Image
image/jpeg 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xx.knit.bid/static/images/2020/02/10/%E6%80%A7%E6%84%9F%E6%A8%A1%E7%89%B9%E5%AE%8BKiKi%E7%8E%B2%E7%8F%91%E7%9A%84%E6%9B%B2%E7%BA%BF%E8%AF%B1%E4%BA%BA%E7%9A%84%E8%BA%AB%E6%9D%90/1581307178h8yP.jpg
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36476fc178c0f3daa3fc659efb815d8ea8733ea20927052d9f6f9e45d65c0cd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xx.knit.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Mar 2022 23:23:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62424380-2cb42"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtIw1a7A9Qc3wX%2BhZwVaXpD61XcLG1bil6HNLhssgjr2cGGSONt548jrIEktwvaU%2Fqzyo7np%2FgfPwwbiQqz3UvBctXJCzd9pHYAstiS4ZgpZJYL6k2RmJJpPc%2BPLkDSNjxxXE9IMkMEQiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 82713ce1ac6f0a77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 183106
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 iconfont.woff
xx.knit.bid/static/zde/css/fonts/ 6 KB
7 KB 3807ms
3794ms Font
application/font-woff 2606:4700:3035::ac43:d429
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xx.knit.bid/static/zde/css/fonts/iconfont.woff
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/static/zde/css/style.css?v=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d429 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6428ed26e0fd88d83f7adac8fb716df1040576ff732d23ff6ec6da12a2f9b90

Request headers

Referer: https://xx.knit.bid/static/zde/css/style.css?v=1.0
Origin: https://xx.knit.bid
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 04:27:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 675730
etag: W/"62340a2b-18d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxbvREc78bvMwBPbs4ulyyryBOpdE958b21lFFnCIcTMmguVi53ziJM4GQOBN7vQr5aJBxzS51MqtmJ2x0e9jSaNoIweZ%2Ft9tDs1pyuWsWCGH7kmsrgBxHiYP9K%2F5JrsR3sO6gXN0ps%2B1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=315360000
cf-ray: 82713ce1ac720a77-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H/1.1 200
OK api.php Show response
s.pemsrv.com/v1/ 100 B
677 B 36ms
33ms XHR
application/json 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pemsrv.com/v1/api.php
Requested by: Host: a.pemsrv.com
URL: https://a.pemsrv.com/ad-provider.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 98bac465e6af9628f726ded12957d035608da68dd83fa41dec9ce501c6280e90

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 16 Nov 2023 16:51:17 GMT
Access-Control-Request-Method: POST
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://xx.knit.bid
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, follow
Access-Control-Allow-Headers: Authorization, Content-Type

GET
H/1.1 200
OK venor.php Show response
s.pemsrv.com/ 1 B
447 B 37ms
35ms XHR
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pemsrv.com/venor.php
Requested by: Host: a.pemsrv.com
URL: https://a.pemsrv.com/popunder1000.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 16:51:17 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Robots-Tag: noindex, follow

GET
H2 200 623edc1379eab2001214c81e.js Show response
buttons-config.sharethis.com/js/ 569 B
1011 B 671ms
436ms Script
text/javascript 2600:9000:25e8:e600:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/623edc1379eab2001214c81e.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25e8:e600:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

eb1663beb16f048a23f177c42de28f365e01b0db961b96036f371af2110a9c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:19 GMT
via: 1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 05 Apr 2022 15:05:22 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P3
x-amz-server-side-encryption: AES256
etag: "366bc4aa80826ab9bc20acd3dbaa9bbe"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 569
x-amz-cf-id: WtKIfE9a5YxNDSaUZrmlOOAD67R9jjGgAK7iAa2Is49m6HTEFYH3wA==

GET
H/1.1 200
OK iframe.php Show response
s.pemsrv.com/ Frame 8C68 2 KB
1 KB 56ms
40ms Document
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pemsrv.com/iframe.php?url=H4sIAAAAAAAAAyWRT2.bQBDFvw3HeGfXuwOVrFxd4WK3ECBcqtl_SVMwywJtFPXDF8eXp6d5mt87vNdlCfOX3e5lfHjvf_2JNj6YcdjNA8UljGGHqJzgjix3wqeZcilnglNmyWRkhFZapRpwbzJQSjquvIGUhHeIhMZmj.vs4ld7AM_JKpFqDUo45jloyKwyWhsrUya1VE6jBrclAKgVSHS0PQFkIE2WzOMajdtIe5XinvFkcIP.RI_BXoruWBTV8VLo44VQG5w2zbtONPUTQFOxtbdFe8on1dTwtMQpiGoNvc1VzeKU0zTleXct19ulYzG0N_vtFobreYHrEPbLdejD8DH2K5vXni0z7wPEcRjA5rIcf363wxtDfq8h19Qfd8pnxd0W3elU1D.q7hld1OVKmlp9Fg35mzp8K9vWiapUjfzrn5MABymYZFIl9H5gyRLJ_D57f4B_EoEZzLZNPCIXiIYo5aAsV5YQ0__0c69P1wEAAA--
Requested by: Host: a.pemsrv.com
URL: https://a.pemsrv.com/fp-interstitial.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8211bd489dded5ff869176191d0d5a72b9b066f276f12b443c7b9e2d08864a9d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Nov 2023 16:51:17 GMT
Server: nginx
Transfer-Encoding: chunked
X-Robots-Tag: noindex, follow

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
398 B 672ms
467ms XHR
text/plain 3.120.113.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=xx.knit.bid&location=%2F&product=sop&url=https%3A%2F%2Fxx.knit.bid%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%E7%88%B1%E5%A6%B9%E5%AD%90&cms=unknown&publisher=623edc1379eab2001214c81e&sop=true&version=st_sop.js&lang=en&description=%E6%AF%8F%E6%97%A5%E5%88%86%E4%BA%AB%E6%9C%80%E6%96%B0%E6%9C%80%E5%85%A8%E7%9A%84%E7%BE%8E%E5%A5%B3%E5%9B%BE%E7%89%87%E5%92%8C%E9%AB%98%E6%B8%85%E6%80%A7%E6%84%9F%E7%BE%8E%E5%A5%B3%E5%9B%BE%E7%89%87%E3%80%81cos%E3%80%81cosplay%E3%80%81xx%E3%80%81%E7%BE%8E%E5%A5%B3%E3%80%81xx%E7%BE%8E%E5%A5%B3%E3%80%81%E7%BE%8E%E5%A5%B3%E7%BD%91%E7%AB%99%E3%80%81%E7%BE%8E%E5%A5%B3%E7%85%A7%E7%89%87%E3%80%81%E8%A3%B8%E4%BD%93%E7%BE%8E%E5%A5%B3%E3%80%81%E7%BE%8E%E5%A5%B3%E8%A3%B8%E4%BD%93%E3%80%81%E7%BE%8E%E5%A5%B3%E5%9B%BE%E3%80%81%E6%80%A7%E6%84%9F%E5%A6%B9%E5%AD%90%E3%80%81%E6%97%A5%E6%9C%AC%E5%A6%B9%E5%AD%90%E3%80%81%E5%8F%B0%E6%B9%BE%E5%A6%B9%E5%AD%90%E3%80%81%E6%B8%85%E7%BA%AF%E5%A6%B9%E5%AD%90%E3%80%81%E5%A6%B9%E5%AD%90%E8%87%AA%E6%8B%8D%E4%BB%A5%E5%8F%8A%E8%A1%97%E6%8B%8D%E7%BE%8E%E5%A5%B3%E5%9B%BE%E7%89%87&ua=&ua_mobile=false&ua_full_version_list=&uuid=848dcaea-b2e1-422b-ae7f-936e3e875737

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.120.113.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-113-109.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 16:51:18 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://xx.knit.bid
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 124ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PEWFD7GRGP&gtm=45je3b81v885927754&_p=1700153477245&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=56233579.1700153478&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700153477&sct=1&seg=0&dl=https%3A%2F%2Fxx.knit.bid%2F&dt=%E7%88%B1%E5%A6%B9%E5%AD%90&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2356
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PEWFD7GRGP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 16:51:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xx.knit.bid
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.16/ 59 KB
25 KB 57ms
49ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.16/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/cwa6886520?ref=bwt
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 354142e53641e1e72a89609e46eff578e69d762290d65d84acaaf380751c20fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
content-encoding: br
last-modified: Sun, 12 Nov 2023 10:55:20 GMT
etag: W/"0x8DBE36DDD4CF754"
vary: Accept-Encoding
x-azure-ref: 20231116T165117Z-ttxx6t00kx7w5d6xe0kzza1ar400000007v0000000010k53
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 41dbf802-a01e-0002-366d-159063000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET adshow.php
poweredby.jads.co/ Frame F3C3 0
0

GET
H/1.1 200
OK adshow.php Show response
poweredby.jads.co/ Frame 9240 3 KB
2 KB 574ms
514ms Document
text/html 185.94.237.73
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/adshow.php?adzone=1032632
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.237.73 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: 1760286fac70e3b4fef0df171c2e8ee7da9b352a08391a492ad60501896a2eae

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Nov 2023 16:51:18 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40

GET adshow.php
poweredby.jads.co/ Frame 10C7 0
0

GET
H/1.1 200
OK adshow.php Show response
poweredby.jads.co/ Frame AB00 3 KB
2 KB 692ms
620ms Document
text/html 185.94.237.73
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/adshow.php?adzone=1032726
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.237.73 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: a0a0337874ce8823c30b1f6cc2e36705b484929121c4c33aef6d9b4ae6d1b03f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Nov 2023 16:51:18 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40

GET
H2

200

LPOmega Show response
creative.mnaspm.com/ Frame 6574
Redirect Chain

https://go.xlivrdr.com/smartpop/776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&sourceId=4687402&memberId=op...
https://creative.mnaspm.com/LPOmega?action=sbSignupWithModel&ax=0&campaignId=776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9&campaignType=smartpop&creativeId=47df8ac6172a002efc9148...

763 B
760 B

140ms
42ms

Document
text/html

2606:4700:3110::6812:336a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://creative.mnaspm.com/LPOmega?action=sbSignupWithModel&ax=0&campaignId=776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9&campaignType=smartpop&creativeId=47df8ac6172a002efc9148d4edcb886af0647b890930dd6c15d0a48205704c69&iterationId=764570&masterSmartpopId=1738&memberId=opdPNZHNNTHPNbHPa7bc7qa7bKZZ3WVU11WT0uldNXLKq6WV1Utrqp3TupldK6V0rqKaqqKKZnSuldK6Z0rpXSuldM6V0rpnOt1nmp4tnmlpmzolu0sul0ts2lp1romm1dK5So_Qdmj072dNXLKqaeWVzpXSuldK6V0rpXSuldNZLLNVRTZY7erbSuabaXbO3WafbO3We7jSXXe3TS6W5wfY&p1=5305056&quality=240p&ruleId=12&smartpopId=7200&sourceId=4687402&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32240

Requested by

Host: s.pemsrv.com
URL: https://s.pemsrv.com/iframe.php?url=H4sIAAAAAAAAAyWRT2.bQBDFvw3HeGfXuwOVrFxd4WK3ECBcqtl_SVMwywJtFPXDF8eXp6d5mt87vNdlCfOX3e5lfHjvf_2JNj6YcdjNA8UljGGHqJzgjix3wqeZcilnglNmyWRkhFZapRpwbzJQSjquvIGUhHeIhMZmj.vs4ld7AM_JKpFqDUo45jloyKwyWhsrUya1VE6jBrclAKgVSHS0PQFkIE2WzOMajdtIe5XinvFkcIP.RI_BXoruWBTV8VLo44VQG5w2zbtONPUTQFOxtbdFe8on1dTwtMQpiGoNvc1VzeKU0zTleXct19ulYzG0N_vtFobreYHrEPbLdejD8DH2K5vXni0z7wPEcRjA5rIcf363wxtDfq8h19Qfd8pnxd0W3elU1D.q7hld1OVKmlp9Fg35mzp8K9vWiapUjfzrn5MABymYZFIl9H5gyRLJ_D57f4B_EoEZzLZNPCIXiIYo5aAsV5YQ0__0c69P1wEAAA--

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e70b1f3dfe498e8eb1874da5959e4a4180f1a6d4180d8f3dceb99730ca24c29b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://s.pemsrv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
age: 8
alt-svc: h3=":443"; ma=86400
cache-control: max-age=10
cf-cache-status: HIT
cf-ray: 82713ce72cc766bb-AMS
content-encoding: br
content-type: text/html
date: Thu, 16 Nov 2023 16:51:18 GMT
expires: Thu, 16 Nov 2023 16:51:15 GMT
last-modified: Wed, 15 Nov 2023 10:30:53 GMT
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82713ce6381d66f2-AMS
content-length: 0
date: Thu, 16 Nov 2023 16:51:18 GMT
location: https://creative.mnaspm.com/LPOmega?action=sbSignupWithModel&ax=0&campaignId=776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9&campaignType=smartpop&creativeId=47df8ac6172a002efc9148d4edcb886af0647b890930dd6c15d0a48205704c69&iterationId=764570&masterSmartpopId=1738&memberId=opdPNZHNNTHPNbHPa7bc7qa7bKZZ3WVU11WT0uldNXLKq6WV1Utrqp3TupldK6V0rqKaqqKKZnSuldK6Z0rpXSuldM6V0rpnOt1nmp4tnmlpmzolu0sul0ts2lp1romm1dK5So_Qdmj072dNXLKqaeWVzpXSuldK6V0rpXSuldNZLLNVRTZY7erbSuabaXbO3WafbO3We7jSXXe3TS6W5wfY&p1=5305056&quality=240p&ruleId=12&smartpopId=7200&sourceId=4687402&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32240
server: cloudflare

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
291 B 385ms
129ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.16/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://xx.knit.bid
Date: Thu, 16 Nov 2023 16:51:18 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
291 B 414ms
169ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.16/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://xx.knit.bid
Date: Thu, 16 Nov 2023 16:51:18 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 main.9d5f6d71462bfa42ec00.css
creative.mnaspm.com/LPOmega/ Frame 6574 71 KB
13 KB 53ms
42ms Stylesheet
text/css 2606:4700:3110::6812:336a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.mnaspm.com/LPOmega/main.9d5f6d71462bfa42ec00.css
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega?action=sbSignupWithModel&ax=0&campaignId=776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9&campaignType=smartpop&creativeId=47df8ac6172a002efc9148d4edcb886af0647b890930dd6c15d0a48205704c69&iterationId=764570&masterSmartpopId=1738&memberId=opdPNZHNNTHPNbHPa7bc7qa7bKZZ3WVU11WT0uldNXLKq6WV1Utrqp3TupldK6V0rqKaqqKKZnSuldK6Z0rpXSuldM6V0rpnOt1nmp4tnmlpmzolu0sul0ts2lp1romm1dK5So_Qdmj072dNXLKqaeWVzpXSuldK6V0rpXSuldNZLLNVRTZY7erbSuabaXbO3WafbO3We7jSXXe3TS6W5wfY&p1=5305056&quality=240p&ruleId=12&smartpopId=7200&sourceId=4687402&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32240
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01496eae9ef08eeef6fc7690a189574e60dc777b7ebd3f7be5cbb87b2fe346b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/LPOmega?action=sbSignupWithModel&ax=0&campaignId=776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9&campaignType=smartpop&creativeId=47df8ac6172a002efc9148d4edcb886af0647b890930dd6c15d0a48205704c69&iterationId=764570&masterSmartpopId=1738&memberId=opdPNZHNNTHPNbHPa7bc7qa7bKZZ3WVU11WT0uldNXLKq6WV1Utrqp3TupldK6V0rqKaqqKKZnSuldK6Z0rpXSuldM6V0rpnOt1nmp4tnmlpmzolu0sul0ts2lp1romm1dK5So_Qdmj072dNXLKqaeWVzpXSuldK6V0rpXSuldNZLLNVRTZY7erbSuabaXbO3WafbO3We7jSXXe3TS6W5wfY&p1=5305056&quality=240p&ruleId=12&smartpopId=7200&sourceId=4687402&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32240
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Thu, 16 Nov 2023 16:51:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Nov 2023 10:34:50 GMT
server: cloudflare
age: 7
etag: W/"65549eca-11c50"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10
cf-ray: 82713ce78d4766bb-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 16 Nov 2023 16:51:12 GMT

GET
H2 200 main.9d5f6d71462bfa42ec00.js Show response
creative.mnaspm.com/LPOmega/ Frame 6574 321 KB
96 KB 67ms
56ms Script
application/javascript 2606:4700:3110::6812:336a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.mnaspm.com/LPOmega/main.9d5f6d71462bfa42ec00.js
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega?action=sbSignupWithModel&ax=0&campaignId=776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9&campaignType=smartpop&creativeId=47df8ac6172a002efc9148d4edcb886af0647b890930dd6c15d0a48205704c69&iterationId=764570&masterSmartpopId=1738&memberId=opdPNZHNNTHPNbHPa7bc7qa7bKZZ3WVU11WT0uldNXLKq6WV1Utrqp3TupldK6V0rqKaqqKKZnSuldK6Z0rpXSuldM6V0rpnOt1nmp4tnmlpmzolu0sul0ts2lp1romm1dK5So_Qdmj072dNXLKqaeWVzpXSuldK6V0rpXSuldNZLLNVRTZY7erbSuabaXbO3WafbO3We7jSXXe3TS6W5wfY&p1=5305056&quality=240p&ruleId=12&smartpopId=7200&sourceId=4687402&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32240
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cbe8cd67de67bffe4f98a27d6ae2e2159028b2f4697e761de8f25a6ba6216e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/LPOmega?action=sbSignupWithModel&ax=0&campaignId=776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9&campaignType=smartpop&creativeId=47df8ac6172a002efc9148d4edcb886af0647b890930dd6c15d0a48205704c69&iterationId=764570&masterSmartpopId=1738&memberId=opdPNZHNNTHPNbHPa7bc7qa7bKZZ3WVU11WT0uldNXLKq6WV1Utrqp3TupldK6V0rqKaqqKKZnSuldK6Z0rpXSuldM6V0rpnOt1nmp4tnmlpmzolu0sul0ts2lp1romm1dK5So_Qdmj072dNXLKqaeWVzpXSuldK6V0rpXSuldNZLLNVRTZY7erbSuabaXbO3WafbO3We7jSXXe3TS6W5wfY&p1=5305056&quality=240p&ruleId=12&smartpopId=7200&sourceId=4687402&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32240
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Thu, 16 Nov 2023 16:51:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Nov 2023 10:34:50 GMT
server: cloudflare
age: 9
etag: W/"65549eca-505f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=10
cf-ray: 82713ce78d4a66bb-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 16 Nov 2023 16:51:15 GMT

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 259 B
638 B 129ms
23ms Script
text/javascript 65.9.66.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fxx.knit.bid%2F

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-92.fra56.r.cloudfront.net

Software

Resource Hash

dbc03401fe8bad643ee6a242e9714a23b2604f775f60522fc18978ccb857d3f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:48:34 GMT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C1
age: 411
etag: c6e5f7be7a4c37ee6aeca93adfc65d73
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=900
content-length: 259
apigw-requestid: Of2VTi-MIAMEPQA=
x-amz-cf-id: aoyGKCYUhsihsnk8IQgHDqL7pTJGGv-qlC09G1uo797-KcVLhtKctw==

GET
H2 200 weibo.svg
platform-cdn.sharethis.com/img/ 1 KB
1 KB 121ms
21ms Image
image/svg+xml 2600:9000:2156:e400:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/weibo.svg

Requested by

Host: xx.knit.bid
URL: https://xx.knit.bid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

df0ae8713782229cd75ad43052897acbd3137df4281fe85c827901b1a98f1c33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:40:57 GMT
content-encoding: gzip
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 33022
x-amz-server-side-encryption: AES256
etag: W/"66af87221f9c1ee574d843bfea27738d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: 5o9-gxL5-QuXt0v_oxyXYnjBElvD4OZJpnMF-spHJC2CNWj9hSXDNA==

GET
H2 200 wechat.svg
platform-cdn.sharethis.com/img/ 3 KB
2 KB 120ms
20ms Image
image/svg+xml 2600:9000:2156:e400:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/wechat.svg

Requested by

Host: xx.knit.bid
URL: https://xx.knit.bid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7cae1f4deec515c9bffe53b0fcdc372eb107abae2ec0ad24aca85b460c7ef195

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:39:55 GMT
content-encoding: gzip
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 33084
x-amz-server-side-encryption: AES256
etag: W/"857e7ba5ca888da30b3fdb02c485cc30"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: RdC9kIqIMH0GgZJ77RZi2kLqhZMtvs_xSxMi7Iss8dqth7CSujFXJQ==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 368 B
781 B 119ms
19ms Image
image/svg+xml 2600:9000:2156:e400:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Requested by

Host: xx.knit.bid
URL: https://xx.knit.bid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:49:18 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 15 Sep 2023 16:58:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 121
x-amz-server-side-encryption: AES256
etag: "2deb3d5121d475d195577a70b0a91a0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 368
x-amz-cf-id: C4-zamij9mBzMXPkWw3HeRNWyVnGm1bJ7PF3pXovF1fwBqZ8l2_NAQ==

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
742 B 121ms
21ms Image
image/svg+xml 2600:9000:2156:e400:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Requested by

Host: xx.knit.bid
URL: https://xx.knit.bid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 02:45:41 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA50-C1
age: 50738
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 301
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "c6e9be45643e197ce1db1d7e24a99adc"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 1tDBWoSo95ydzte2tE-uZtxWaySLlQ78RqD6Gxqb-q9gw6RdpxMULA==

GET
H2 200 telegram.svg
platform-cdn.sharethis.com/img/ 858 B
1 KB 121ms
22ms Image
image/svg+xml 2600:9000:2156:e400:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/telegram.svg

Requested by

Host: xx.knit.bid
URL: https://xx.knit.bid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:49:21 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 12 Aug 2022 01:07:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 118
x-amz-server-side-encryption: AES256
etag: "e3f5e90fa57764cd951db1b1bc688edd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 858
x-amz-cf-id: g09adQnSigTkkWk9wHrF7609TlVVas13UifInh5sRK4_iCyQiQwXcQ==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
787 B 122ms
22ms Image
image/svg+xml 2600:9000:2156:e400:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/email.svg

Requested by

Host: xx.knit.bid
URL: https://xx.knit.bid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:06:15 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA50-C1
age: 175504
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 343
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "5977437466e857c7ddcadda6f6d88c2a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: fw_DyvVKNyDOx-eL1AZtETBP7gOW6CkScB-6PffA0Eyqh7lDNEQQ0A==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
957 B 23ms
22ms Image
image/svg+xml 2600:9000:2156:e400:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/sharethis.svg

Requested by

Host: xx.knit.bid
URL: https://xx.knit.bid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 23:03:52 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA50-C1
age: 2569647
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 514
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
etag: "deecdaa377907db5cc1722fc831670a1"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 2EyuT4evXjVFmErix0LaFX47_yPVO2H7OBGx80dkMy8Tl3Dq8efg3A==

GET
H2 200 arrow_left.svg
platform-cdn.sharethis.com/img/ 565 B
991 B 24ms
23ms Image
image/svg+xml 2600:9000:2156:e400:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_left.svg

Requested by

Host: xx.knit.bid
URL: https://xx.knit.bid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 23:05:25 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 2396754
etag: "b55d8d2b9321e381a3c38a4bddb74037"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 565
x-amz-cf-id: qUt09HP-kOjhZli5KCExNpzdPA7CMwbqe06CBAhKtlKMBlWClRTofw==

GET
H2 200 arrow_right.svg
platform-cdn.sharethis.com/img/ 565 B
990 B 24ms
24ms Image
image/svg+xml 2600:9000:2156:e400:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/arrow_right.svg

Requested by

Host: xx.knit.bid
URL: https://xx.knit.bid/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:e400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 00:29:15 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 2305324
etag: "9928d025bd5792b718ee0a185f62e67c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 565
x-amz-cf-id: H_gUe3Rl5IXfHV7EchVj92jXmqB1F7xX9qwSPwTqrNaXZdMskQpplA==

GET
H3 200 en.json Show response
creative.mnaspm.com/LPExperience/lang/ Frame 6574 4 KB
1 KB 55ms
54ms Fetch
application/json 2606:4700:3110::6812:336a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.mnaspm.com/LPExperience/lang/en.json
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/main.9d5f6d71462bfa42ec00.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2d5fca01232e0f201e3ed63481e08423ced62c325310652f4284da97f6589c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/LPOmega?action=sbSignupWithModel&ax=0&campaignId=776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9&campaignType=smartpop&creativeId=47df8ac6172a002efc9148d4edcb886af0647b890930dd6c15d0a48205704c69&iterationId=764570&masterSmartpopId=1738&memberId=opdPNZHNNTHPNbHPa7bc7qa7bKZZ3WVU11WT0uldNXLKq6WV1Utrqp3TupldK6V0rqKaqqKKZnSuldK6Z0rpXSuldM6V0rpnOt1nmp4tnmlpmzolu0sul0ts2lp1romm1dK5So_Qdmj072dNXLKqaeWVzpXSuldK6V0rpXSuldNZLLNVRTZY7erbSuabaXbO3WafbO3We7jSXXe3TS6W5wfY&p1=5305056&quality=240p&ruleId=12&smartpopId=7200&sourceId=4687402&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32240
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Thu, 16 Nov 2023 16:51:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Nov 2023 10:30:04 GMT
server: cloudflare
age: 7
etag: W/"65549dac-eca"
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=10
cf-ray: 82713ce93e526692-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 16 Nov 2023 16:51:21 GMT

GET
H3 200 en.json Show response
creative.mnaspm.com/widgets/AgeVerification/lang/ Frame 6574 4 KB
1 KB 44ms
43ms Fetch
application/json 2606:4700:3110::6812:336a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.mnaspm.com/widgets/AgeVerification/lang/en.json
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/main.9d5f6d71462bfa42ec00.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 142fe2a082dfe43f2eab11533885dba53ecbad12813475b89aa518424bfc062f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/LPOmega?action=sbSignupWithModel&ax=0&campaignId=776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9&campaignType=smartpop&creativeId=47df8ac6172a002efc9148d4edcb886af0647b890930dd6c15d0a48205704c69&iterationId=764570&masterSmartpopId=1738&memberId=opdPNZHNNTHPNbHPa7bc7qa7bKZZ3WVU11WT0uldNXLKq6WV1Utrqp3TupldK6V0rqKaqqKKZnSuldK6Z0rpXSuldM6V0rpnOt1nmp4tnmlpmzolu0sul0ts2lp1romm1dK5So_Qdmj072dNXLKqaeWVzpXSuldK6V0rpXSuldNZLLNVRTZY7erbSuabaXbO3WafbO3We7jSXXe3TS6W5wfY&p1=5305056&quality=240p&ruleId=12&smartpopId=7200&sourceId=4687402&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32240
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Nov 2023 10:31:31 GMT
server: cloudflare
age: 7
etag: W/"65549e03-f06"
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=10
cf-ray: 82713ce93e556692-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 16 Nov 2023 16:51:14 GMT

GET
H2 200 config Show response
go.mnaspm.com/ Frame 6574 6 KB
2 KB 299ms
64ms Fetch
application/json 2606:4700:3110::6812:336a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.mnaspm.com/config?url=https%3A%2F%2Fcreative.mnaspm.com%2FLPOmega%3Faction%3DsbSignupWithModel%26ax%3D0%26campaignId%3D776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9%26campaignType%3Dsmartpop%26creativeId%3D47df8ac6172a002efc9148d4edcb886af0647b890930dd6c15d0a48205704c69%26iterationId%3D764570%26masterSmartpopId%3D1738%26memberId%3DopdPNZHNNTHPNbHPa7bc7qa7bKZZ3WVU11WT0uldNXLKq6WV1Utrqp3TupldK6V0rqKaqqKKZnSuldK6Z0rpXSuldM6V0rpnOt1nmp4tnmlpmzolu0sul0ts2lp1romm1dK5So_Qdmj072dNXLKqaeWVzpXSuldK6V0rpXSuldNZLLNVRTZY7erbSuabaXbO3WafbO3We7jSXXe3TS6W5wfY%26p1%3D5305056%26quality%3D240p%26ruleId%3D12%26smartpopId%3D7200%26sourceId%3D4687402%26trackOff%3D1%26usePreroll%3D0%26userId%3D1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9%26variationId%3D32240
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/main.9d5f6d71462bfa42ec00.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 571b1ba5f24f952208e2ee54b3817c8efa07a687957c7806b37d244f62b8c42a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 16 Nov 2023 16:51:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://creative.mnaspm.com
cf-ray: 82713ceabb236667-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
video.ktkjmp.com/ Frame 6574 16 B
668 B 265ms
38ms Fetch
application/javascript 2606:4700:3110::6812:3eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.ktkjmp.com/adsbygoogle.js
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/main.9d5f6d71462bfa42ec00.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:3eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:18 GMT
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
cf-cache-status: HIT
x-amz-request-id: 686XAPMC0A16CH9B
age: 419
alt-svc: h3=":443"; ma=86400
content-length: 16
x-amz-id-2: gKVoTSIyz4XzLpC53PiZNhISaMEbNVvmHuNZz+O9tqJRKTEdTohMgF5nR4TR85vOkfgskQMjVKM=
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
etag: "3d7f7a60216d40dea48e495fef6903c9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://creative.mnaspm.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 82713ceaaf340ae1-AMS
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires: Thu, 16 Nov 2023 20:51:18 GMT

GET
H/1.1 200
OK ad1992608-1699395276.png
i.jads.co/ads/user194460/ Frame 9240 116 KB
116 KB 146ms
26ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jads.co/ads/user194460/ad1992608-1699395276.png
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=1032632
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 579a049f7ef6ad0876ddb083d03e56f381cae33723a04fab43ecec69e9dcf515

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poweredby.jads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 16:51:18 GMT
Last-Modified: Tue, 07 Nov 2023 22:14:36 GMT
ETag: "1699395276"
X-HW: 1700153478.dop101.fr8.t,1700153478.cds265.fr8.shn,1700153478.dop101.fr8.t,1700153478.cds249.fr8.c
Content-Type: image/png
Cache-Control: max-age=30780062
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 118631

GET
H/1.1 200
OK 8605-1583019937-0419205001583019937.gif
i.jads.co/network/user47819/ Frame AB00 1 MB
1 MB 133ms
27ms Image
image/gif 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jads.co/network/user47819/8605-1583019937-0419205001583019937.gif
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=1032726
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 00abbe0f8a345185a8222edc20b9e97a76bfcbba268f280508e3df79fd685ff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poweredby.jads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 16:51:18 GMT
Last-Modified: Sat, 29 Feb 2020 23:45:37 GMT
ETag: "1583019937"
X-HW: 1700153478.dop220.fr8.t,1700153478.cds227.fr8.shn,1700153478.dop220.fr8.t,1700153478.cds232.fr8.c
Content-Type: image/gif
Cache-Control: max-age=3653117
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1056226

GET
H3 200 models Show response
go.mnaspm.com/api/ Frame 6574 2 KB
961 B 56ms
55ms Fetch
application/json 2606:4700:3110::6812:336a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.mnaspm.com/api/models?quality=240p&forceClient=1&stripcashR=0&limit=1&usePreroll=0&webp=1
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/main.9d5f6d71462bfa42ec00.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb48e3a670518d76c2a8ff5c00eae63ecdff94f68c08f04d598d7adc00d88de5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Nov 2023 16:51:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server: cloudflare
age: 0
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://creative.mnaspm.com
access-control-allow-credentials: true
cf-ray: 82713ceb491e6692-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 chat Show response
stripchat.com/api/front/v2/models/username/YoungSophie/ Frame 6574 25 KB
2 KB 147ms
37ms Fetch
application/json 2606:4700:311f::6812:3f7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stripchat.com/api/front/v2/models/username/YoungSophie/chat
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/main.9d5f6d71462bfa42ec00.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0e05d58a1280af198a141f850b7c801d57dd387a40305adcb3988cb939e2288

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:19 GMT
content-encoding: br
cf-cache-status: HIT
x-backend: india-backend-pink-798c88b5b-xb9qr
x-api-version: 10.72.1
age: 1
x-cache-status: STALE
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 16 Nov 2023 16:51:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://creative.mnaspm.com
cache-control: no-cache
cf-ray: 82713ced086c0e30-AMS
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 23501402_webp
img.strpst.com/thumbs/1700153400/ Frame 6574 8 KB
8 KB 154ms
46ms Image
image/webp 2606:4700:311f::6812:3f84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1700153400/23501402_webp
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 434e44a9c09123bff4287bc19b5993bf32ab2dc9f5fff81bc1b94412e33d452f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:19 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Nov 2023 16:49:10 GMT
server: cloudflare
age: 83
etag: "1f0e504bcf6ab679a0942e06bfc89a97"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800
accept-ranges: bytes
cf-ray: 82713ced0b9f5c3c-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8284

POST
H2 200 view Show response
go.mnaspm.com/thumbs/ Frame 6574 224 B
356 B 53ms
46ms Fetch
application/json 2606:4700:3110::6812:336a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.mnaspm.com/thumbs/view
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/main.9d5f6d71462bfa42ec00.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e952116381ea54ff9a0ebbc2c1065f03e43ea012d9e935368909db867e39925b

Request headers

Referer: https://creative.mnaspm.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 16:51:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server: cloudflare
content-type: application/json
access-control-allow-origin: https://creative.mnaspm.com
cf-ray: 82713ced0f6e6667-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 checkUrl Show response
edge-hls.doppiocdn.org/ Frame 6574 14 B
172 B 210ms
42ms Fetch
application/octet-stream 8.253.95.111
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://edge-hls.doppiocdn.org/checkUrl
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/main.9d5f6d71462bfa42ec00.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.95.111 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: c45272c1b33373d94fb6786698d5145ba0cb558fc7494d91cbbb380b4fc561a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:19 GMT
server: nginx
age: 3
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=30, s-maxage=30
accept-ranges: bytes
content-length: 14

GET
H3 200 vendors~hls.0d45af8f1e202112dd0a.js Show response
creative.mnaspm.com/LPOmega/ Frame 6574 174 KB
53 KB 64ms
56ms Script
application/javascript 2606:4700:3110::6812:336a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/main.9d5f6d71462bfa42ec00.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63cf9fda52eb82dd5f9d18cd15e54af4ee08a7a37c6f0fdd09cc34fbfa598e06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/LPOmega?action=sbSignupWithModel&ax=0&campaignId=776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9&campaignType=smartpop&creativeId=47df8ac6172a002efc9148d4edcb886af0647b890930dd6c15d0a48205704c69&iterationId=764570&masterSmartpopId=1738&memberId=opdPNZHNNTHPNbHPa7bc7qa7bKZZ3WVU11WT0uldNXLKq6WV1Utrqp3TupldK6V0rqKaqqKKZnSuldK6Z0rpXSuldM6V0rpnOt1nmp4tnmlpmzolu0sul0ts2lp1romm1dK5So_Qdmj072dNXLKqaeWVzpXSuldK6V0rpXSuldNZLLNVRTZY7erbSuabaXbO3WafbO3We7jSXXe3TS6W5wfY&p1=5305056&quality=240p&ruleId=12&smartpopId=7200&sourceId=4687402&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32240
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Thu, 16 Nov 2023 16:51:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Nov 2023 10:34:50 GMT
server: cloudflare
age: 4
etag: W/"65549eca-2b6c9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=10
cf-ray: 82713cee4d8e6692-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 16 Nov 2023 16:51:20 GMT

GET
H3 200 hls.4cfa5b780bfed20a8b26.js Show response
creative.mnaspm.com/LPOmega/ Frame 6574 61 B
288 B 62ms
55ms Script
application/javascript 2606:4700:3110::6812:336a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.mnaspm.com/LPOmega/hls.4cfa5b780bfed20a8b26.js
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/main.9d5f6d71462bfa42ec00.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fae8b03858a764bad3e9af19bfc924ead5b9e25c760432c19e91cba3dff1cf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/LPOmega?action=sbSignupWithModel&ax=0&campaignId=776e32ead2e3f896e82032a9dac9ac3b6b68b174c91665e26fc18a3fe77a7cd9&campaignType=smartpop&creativeId=47df8ac6172a002efc9148d4edcb886af0647b890930dd6c15d0a48205704c69&iterationId=764570&masterSmartpopId=1738&memberId=opdPNZHNNTHPNbHPa7bc7qa7bKZZ3WVU11WT0uldNXLKq6WV1Utrqp3TupldK6V0rqKaqqKKZnSuldK6Z0rpXSuldM6V0rpnOt1nmp4tnmlpmzolu0sul0ts2lp1romm1dK5So_Qdmj072dNXLKqaeWVzpXSuldK6V0rpXSuldNZLLNVRTZY7erbSuabaXbO3WafbO3We7jSXXe3TS6W5wfY&p1=5305056&quality=240p&ruleId=12&smartpopId=7200&sourceId=4687402&trackOff=1&usePreroll=0&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=32240
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: public
date: Thu, 16 Nov 2023 16:51:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Nov 2023 10:34:50 GMT
server: cloudflare
age: 0
etag: W/"65549eca-3d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=10
cf-ray: 82713cee4d906692-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 16 Nov 2023 16:51:19 GMT

POST
H3 204 checkDomainResult Show response
go.mnaspm.com/ Frame 6574 0
379 B 154ms
149ms Fetch 2606:4700:3110::6812:336a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.mnaspm.com/checkDomainResult
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/main.9d5f6d71462bfa42ec00.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://creative.mnaspm.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://creative.mnaspm.com
date: Thu, 16 Nov 2023 16:51:19 GMT
cf-cache-status: DYNAMIC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
server: cloudflare
cf-ray: 82713ceeba4c0bce-AMS
alt-svc: h3=":443"; ma=86400

POST
H2 204 matomo.php
stats.viagle.com/ 0
156 B 958ms
948ms Ping
text/plain 42.193.105.3
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.viagle.com/matomo.php?action_name=%E7%88%B1%E5%A6%B9%E5%AD%90&idsite=1&rec=1&r=401089&h=17&m=51&s=19&url=https%3A%2F%2Fxx.knit.bid%2F&_id=08d389fbe8f234d0&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=f2CnuR&pf_net=99&pf_srv=686&pf_tfr=17&pf_dm1=312&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: stats.viagle.com
URL: https://stats.viagle.com/matomo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.193.105.3 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / PHP/8.1.22
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://xx.knit.bid
date: Thu, 16 Nov 2023 16:51:20 GMT
access-control-allow-credentials: true
referrer-policy: origin
server: nginx/1.14.0 (Ubuntu)
x-powered-by: PHP/8.1.22

GET
H2 200 23501402_240p.m3u8 Show response
edge-hls.doppiocdn.net/hls/23501402/master/ Frame 6574 224 B
643 B 797ms
57ms XHR
application/vnd.apple.mpegurl 2600:9000:2450:f800:c:2c8:3ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge-hls.doppiocdn.net/hls/23501402/master/23501402_240p.m3u8
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2450:f800:c:2c8:3ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4774c4948e403827d5bfb975d44a48e605a979efeb32af56fe468ed2394ce21e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:18 GMT
content-encoding: gzip
via: 1.1 83d0137377604ae8e59d0712f3ef6fe2.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 16 Nov 2023 16:51:18 GMT
server: nginx
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: public, max-age=3, s-maxage=3
timing-allow-origin: *
x-amz-cf-id: QjtfBDxyVNxsSYTo4oysWjzjmK1T09gRtfY5vns5J7yANvHh_eLsmA==
x-proxy-cache: MISS

GET
H2 200 23501402_240p.m3u8 Show response
b-hls-02.doppiocdn.net/hls/23501402/ Frame 6574 727 B
750 B 489ms
35ms XHR
application/vnd.apple.mpegurl 2600:9000:248c:8a00:8:b70:b740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-02.doppiocdn.net/hls/23501402/23501402_240p.m3u8
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:248c:8a00:8:b70:b740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fbd1d3903c609d128e5aa86e82890426f2478b25862eef99406a8b6952e2a8de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:20 GMT
content-encoding: gzip
via: 1.1 645f43b8717568c0a4b2c8f32ab504dc.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 16:51:20 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: oK5_JX2T1U_dni8iYlH4D7yHBE3HAl4CsGSRyB0UVmk5_h0ZBMQVmw==
x-proxy-cache: HIT

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
291 B 120ms
117ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.16/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://xx.knit.bid
Date: Thu, 16 Nov 2023 16:51:20 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 23501402_240p_init_i5HAtoj83tgGAnEW.mp4 Show response
b-hls-02.doppiocdn.net/hls/23501402/ Frame 6574 1 KB
2 KB 82ms
16ms XHR
video/mp4 2600:9000:248c:8a00:8:b70:b740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-02.doppiocdn.net/hls/23501402/23501402_240p_init_i5HAtoj83tgGAnEW.mp4
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:248c:8a00:8:b70:b740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ff7a6a0be139b984e80db980721590ce63b1d0c79b944744e504bec2dc231cb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:50:28 GMT
via: 1.1 645f43b8717568c0a4b2c8f32ab504dc.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 15:35:24 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 52
etag: "655636bc-4c1"
x-cache: Hit from cloudfront
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1217
x-amz-cf-id: iiB-vPb4JIrq5yXwLeiJ_JZdF__fnn8P6KYKsW2D3EawXp9SHM37DQ==

GET
BLOB 200
OK 1e6bd393-8ab1-4d45-9574-64556546a20b
https://creative.mnaspm.com/ Frame 6574 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://creative.mnaspm.com/1e6bd393-8ab1-4d45-9574-64556546a20b
Requested by: Host: xx.knit.bid
URL: https://xx.knit.bid/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71870acd3c5fc3a95fd0c510a21e2fa7ad38ef00ca91613fb76f13df486137f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 62321
Content-Type: text/javascript

GET
H2 200 23501402_240p_3212_pb8hSZUGFtPLdYNS_1700153471.mp4 Show response
b-hls-02.doppiocdn.net/hls/23501402/ Frame 6574 167 KB
167 KB 54ms
52ms XHR
video/mp4 2600:9000:248c:8a00:8:b70:b740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-02.doppiocdn.net/hls/23501402/23501402_240p_3212_pb8hSZUGFtPLdYNS_1700153471.mp4
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:248c:8a00:8:b70:b740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: afe66bf92838f75ad219c5cc5d9173d4edab55815a4d52262f72ed22cbf52150

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:15 GMT
via: 1.1 645f43b8717568c0a4b2c8f32ab504dc.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 16:51:13 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
age: 6
etag: "65564881-29baf"
x-cache: Hit from cloudfront
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 170927
x-amz-cf-id: J_5D9YGA8296rfO3tYtetSXp2wrrL7gPwi8neDOXiCQ5yNfGOPUEPQ==

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E7BE06D45E3543CDBE81A3A473ABCCA0&RedC=c.clarity.ms&MXFR=10D0CB23D0DB644D29B7D8E8D4DB6AF7
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E7BE06D45E3543CDBE81A3A473ABCCA0&MUID=23F52C6B082C6F2D23323FA009FE6ED5

42 B
443 B

146ms
24ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E7BE06D45E3543CDBE81A3A473ABCCA0&MUID=23F52C6B082C6F2D23323FA009FE6ED5
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 16:51:21 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 16:51:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3BB0ADD56279473FA6EA0C463C179507 Ref B: FRAEDGE1317 Ref C: 2023-11-16T16:51:21Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E7BE06D45E3543CDBE81A3A473ABCCA0&MUID=23F52C6B082C6F2D23323FA009FE6ED5
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 23501402_240p_3213_5PjK8hGgXlwLLmPJ_1700153473.mp4 Show response
b-hls-02.doppiocdn.net/hls/23501402/ Frame 6574 171 KB
172 KB 36ms
30ms XHR
video/mp4 2600:9000:248c:8a00:8:b70:b740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-02.doppiocdn.net/hls/23501402/23501402_240p_3213_5PjK8hGgXlwLLmPJ_1700153473.mp4
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:248c:8a00:8:b70:b740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 30b0efa4e89131b193c058f261e64a347b533eb3d599fa44ef7d8b05cb8d2cd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:17 GMT
via: 1.1 3e6bcbe331beee2f38e13259af01af8e.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 16:51:15 GMT
server: nginx
age: 4
x-amz-cf-pop: MXP64-P1
etag: "65564883-2acc6"
x-cache: Hit from cloudfront
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 175302
x-amz-cf-id: VAFeURMxoA4gvxil3vcAhrPE_jWU06rtnD0j4ZFIf6PmKLTyd0L4iA==

GET
H3 200 23501402_240p_3214_2beL5K1RHfzVmbtP_1700153475.mp4 Show response
b-hls-02.doppiocdn.net/hls/23501402/ Frame 6574 174 KB
174 KB 32ms
31ms XHR
video/mp4 2600:9000:248c:8a00:8:b70:b740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-02.doppiocdn.net/hls/23501402/23501402_240p_3214_2beL5K1RHfzVmbtP_1700153475.mp4
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:248c:8a00:8:b70:b740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e40b89c3d1e2f6eea3c6200ad9235a51edaa52cdb186f7bfea35ba0e1b875dec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:18 GMT
via: 1.1 3e6bcbe331beee2f38e13259af01af8e.cloudfront.net (CloudFront)
age: 3
x-amz-cf-pop: MXP64-P1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 178084
last-modified: Thu, 16 Nov 2023 16:51:17 GMT
server: nginx
etag: "65564885-2b7a4"
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: AVsrlWGJRtp2iTJECVztbBXnNDGQMXt9TYtTCul2OsMbj6J2gG35uA==

GET
H3 200 23501402_240p.m3u8 Show response
b-hls-02.doppiocdn.net/hls/23501402/ Frame 6574 727 B
639 B 152ms
80ms XHR
application/vnd.apple.mpegurl 2600:9000:248c:8a00:8:b70:b740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-02.doppiocdn.net/hls/23501402/23501402_240p.m3u8
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:248c:8a00:8:b70:b740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 48dcf2a9787523152023808b0bf55a33ccd87031bfb4144f3135dd210eafd5c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:22 GMT
content-encoding: gzip
via: 1.1 3e6bcbe331beee2f38e13259af01af8e.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 16:51:22 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 1i_0jvBevHpQwkSdaabwnX4mHJV3pHUuxXIxshgLAmJTLBpcp0LFhQ==
x-proxy-cache: HIT

GET
H3 200 23501402_240p_3215_oXYHf0RygPdlOHel_1700153477.mp4 Show response
b-hls-02.doppiocdn.net/hls/23501402/ Frame 6574 173 KB
174 KB 114ms
76ms XHR
video/mp4 2600:9000:248c:8a00:8:b70:b740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-02.doppiocdn.net/hls/23501402/23501402_240p_3215_oXYHf0RygPdlOHel_1700153477.mp4
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:248c:8a00:8:b70:b740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b2f9257db3715bdcce47cfffa8b2d95e290d617399a970f280b5664e3d7f61e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:21 GMT
via: 1.1 3e6bcbe331beee2f38e13259af01af8e.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 16:51:19 GMT
server: nginx
age: 1
x-amz-cf-pop: MXP64-P1
etag: "65564887-2b58e"
x-cache: Hit from cloudfront
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 177550
x-amz-cf-id: wBOBrCfuaGbjX3EpoY4R2HoeHG42RCDnHc9WvsTHdQ0RLkjqvvTvQg==

GET
H3 200 23501402_240p_3216_o71mXu9kgpJfrWgW_1700153479.mp4 Show response
b-hls-02.doppiocdn.net/hls/23501402/ Frame 6574 168 KB
168 KB 199ms
157ms XHR
video/mp4 2600:9000:248c:8a00:8:b70:b740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-02.doppiocdn.net/hls/23501402/23501402_240p_3216_o71mXu9kgpJfrWgW_1700153479.mp4
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:248c:8a00:8:b70:b740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fe4220781e985a731ca8137dff96c862b019b7cc017dd855fdf9e1411781f75f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:22 GMT
via: 1.1 3e6bcbe331beee2f38e13259af01af8e.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 16:51:21 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
etag: "65564889-29e6f"
x-cache: Hit from cloudfront
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 171631
x-amz-cf-id: d4Vt-Ggy6kxg2QUaqIT_3HOcOa2235MCMAekMvHm03Umbxh7T-HzjA==

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
291 B 165ms
116ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.16/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://xx.knit.bid
Date: Thu, 16 Nov 2023 16:51:24 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 23501402_240p.m3u8 Show response
b-hls-02.doppiocdn.net/hls/23501402/ Frame 6574 727 B
642 B 80ms
54ms XHR
application/vnd.apple.mpegurl 2600:9000:248c:8a00:8:b70:b740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-02.doppiocdn.net/hls/23501402/23501402_240p.m3u8
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:248c:8a00:8:b70:b740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9ee1a587f804e9be23986e6d5cddb19bd1c635df99a1638cc73eb2c5e8f59cbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:24 GMT
content-encoding: gzip
via: 1.1 3e6bcbe331beee2f38e13259af01af8e.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 16:51:24 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: V-UBqVLjhgjnMNOzOI14MRIaYOTVH1vFShEAXtTYnkcPnNuqj7Kz7w==
x-proxy-cache: MISS

GET
H3 200 23501402_240p_3217_vcnwe6l5T8ghNUnx_1700153481.mp4 Show response
b-hls-02.doppiocdn.net/hls/23501402/ Frame 6574 172 KB
173 KB 300ms
214ms XHR
video/mp4 2600:9000:248c:8a00:8:b70:b740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-02.doppiocdn.net/hls/23501402/23501402_240p_3217_vcnwe6l5T8ghNUnx_1700153481.mp4
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:248c:8a00:8:b70:b740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d01e38bcbd576ce9083e0575d19d9036be0de3d41e7d2023b0a0705934d1fe1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:24 GMT
via: 1.1 3e6bcbe331beee2f38e13259af01af8e.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 16:51:23 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
etag: "6556488b-2b1f3"
x-cache: Hit from cloudfront
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 176627
x-amz-cf-id: RdCgHEXgJzkbrdtmwY2RBBDTEip6_6gfNuQUnQQfSQ94VLXpYL7KoA==

GET
H3 200 23501402_240p.m3u8 Show response
b-hls-02.doppiocdn.net/hls/23501402/ Frame 6574 727 B
639 B 36ms
35ms XHR
application/vnd.apple.mpegurl 2600:9000:248c:8a00:8:b70:b740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-02.doppiocdn.net/hls/23501402/23501402_240p.m3u8
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:248c:8a00:8:b70:b740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 376d3dd231e31c44e5c53912a00992cdc439219a6d49d37589e5c6fc74ba5c0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:26 GMT
content-encoding: gzip
via: 1.1 3e6bcbe331beee2f38e13259af01af8e.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 16:51:26 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: z3gnTb0mg6Yx7tbI-d8KY6oK2T5LIdudmBo7LyIXAS0-yt1pbg7VCA==
x-proxy-cache: HIT

GET
H3 200 23501402_240p_3218_D8P8JhzhrxB1KWKq_1700153483.mp4 Show response
b-hls-02.doppiocdn.net/hls/23501402/ Frame 6574 177 KB
178 KB 76ms
75ms XHR
video/mp4 2600:9000:248c:8a00:8:b70:b740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-02.doppiocdn.net/hls/23501402/23501402_240p_3218_D8P8JhzhrxB1KWKq_1700153483.mp4
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:248c:8a00:8:b70:b740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a25a2532c59bb25b41fddb8b859ca3e0c0e7aeb47e51c8d0f766b7b46f9f59d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:26 GMT
via: 1.1 3e6bcbe331beee2f38e13259af01af8e.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 16:51:25 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
etag: "6556488d-2c504"
x-cache: Hit from cloudfront
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 181508
x-amz-cf-id: HDxaX6kd-df_p6NqoxHwXbWzL2ELyMCsbCnKH6N9H7UUStI1lTYCbg==

GET
H3 200 23501402_240p.m3u8 Show response
b-hls-02.doppiocdn.net/hls/23501402/ Frame 6574 727 B
640 B 43ms
42ms XHR
application/vnd.apple.mpegurl 2600:9000:248c:8a00:8:b70:b740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-02.doppiocdn.net/hls/23501402/23501402_240p.m3u8
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:248c:8a00:8:b70:b740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8fc58bc2b91060a666e158a5283d6de2b3517378997cc9891f5b3523b36c4e01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:28 GMT
content-encoding: gzip
via: 1.1 3e6bcbe331beee2f38e13259af01af8e.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 16:51:28 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IxON6Pfb9AHaipsTbgdPwrZHBGzTEnPrF44lOMjNYGTeP6BoeO0frQ==
x-proxy-cache: HIT

GET
H3 200 23501402_240p_3219_zgwlFoJolCeHZSnC_1700153485.mp4 Show response
b-hls-02.doppiocdn.net/hls/23501402/ Frame 6574 168 KB
169 KB 48ms
47ms XHR
video/mp4 2600:9000:248c:8a00:8:b70:b740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-02.doppiocdn.net/hls/23501402/23501402_240p_3219_zgwlFoJolCeHZSnC_1700153485.mp4
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:248c:8a00:8:b70:b740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e6ff9c46baff417e66eb426faf8f9cbec78810eb6d3875286a18a78f86d50f1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:27 GMT
via: 1.1 3e6bcbe331beee2f38e13259af01af8e.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 16:51:27 GMT
server: nginx
age: 1
x-amz-cf-pop: MXP64-P1
etag: "6556488f-2a10d"
x-cache: Hit from cloudfront
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 172301
x-amz-cf-id: UFavpVVPeMCTIcImSIrPP45d3eDeBji6tkLktL-QfTu8CKXRVHJDLQ==

GET
H2 200 chat Show response
stripchat.com/api/front/v2/models/username/YoungSophie/ Frame 6574 25 KB
2 KB 38ms
37ms Fetch
application/json 2606:4700:311f::6812:3f7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stripchat.com/api/front/v2/models/username/YoungSophie/chat
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/main.9d5f6d71462bfa42ec00.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0e05d58a1280af198a141f850b7c801d57dd387a40305adcb3988cb939e2288

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:29 GMT
content-encoding: br
cf-cache-status: HIT
x-backend: golf-backend-pink-856dfd5497-fv6qk
x-api-version: 10.72.1
age: 5
x-cache-status: STALE
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 16 Nov 2023 16:51:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://creative.mnaspm.com
cache-control: no-cache
cf-ray: 82713d2bdd6d0e30-AMS
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 23501402_240p.m3u8 Show response
b-hls-02.doppiocdn.net/hls/23501402/ Frame 6574 727 B
639 B 42ms
42ms XHR
application/vnd.apple.mpegurl 2600:9000:248c:8a00:8:b70:b740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-02.doppiocdn.net/hls/23501402/23501402_240p.m3u8
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:248c:8a00:8:b70:b740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 168727ae11aab165878f1fba7414a8f5dd7765e629da5b85fe126bb397820aa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:30 GMT
content-encoding: gzip
via: 1.1 3e6bcbe331beee2f38e13259af01af8e.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 16:51:30 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: KfWcxmdLdkfo6EqMFPRqcaycT-xBYgs6-MochxaV44Psw94jaRuxCg==
x-proxy-cache: HIT

GET
H3 200 23501402_240p.m3u8 Show response
b-hls-02.doppiocdn.net/hls/23501402/ Frame 6574 727 B
646 B 42ms
42ms XHR
application/vnd.apple.mpegurl 2600:9000:248c:8a00:8:b70:b740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-02.doppiocdn.net/hls/23501402/23501402_240p.m3u8
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:248c:8a00:8:b70:b740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 37e830404129794b035a270dd91edd8af05184403fc9e3379354a7bf2e8f4578

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:31 GMT
content-encoding: gzip
via: 1.1 3e6bcbe331beee2f38e13259af01af8e.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 16:51:31 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Iq6bgHcuAfp8XvmzRXpSzG39e8PdBLRjJD_w7MtLVMEoVOM9DR6GNA==
x-proxy-cache: EXPIRED

GET
H3 200 23501402_240p_3220_een7aqCOlCBWW90J_1700153487.mp4 Show response
b-hls-02.doppiocdn.net/hls/23501402/ Frame 6574 168 KB
168 KB 43ms
42ms XHR
video/mp4 2600:9000:248c:8a00:8:b70:b740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-hls-02.doppiocdn.net/hls/23501402/23501402_240p_3220_een7aqCOlCBWW90J_1700153487.mp4
Requested by: Host: creative.mnaspm.com
URL: https://creative.mnaspm.com/LPOmega/vendors~hls.0d45af8f1e202112dd0a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:248c:8a00:8:b70:b740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: dd95f5f4a63fe0989f6af9e14eff95ee1c6e04d2b0c38d6359f28fa174396868

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.mnaspm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:51:31 GMT
via: 1.1 3e6bcbe331beee2f38e13259af01af8e.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 16:51:29 GMT
server: nginx
x-amz-cf-pop: MXP64-P1
etag: "65564891-29eef"
x-cache: Hit from cloudfront
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 171759
x-amz-cf-id: sYuQg9bhEtg3oGeerdhVavamxBVz_6wV-3LxTXSzavVgyXRonZlP2g==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.pemsrv.com
URL: https://s.pemsrv.com/splash.php?native-settings=1&idzone=4642630&cookieconsent=true&&p=https%3A%2F%2Fxx.knit.bid%2F

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=1032632

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=1032726

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xx.knit.bid/	1970-01-20 17:20:41	Name: pn-zone-4668192 Value: 1704041477488
www.clarity.ms/	1970-01-21 01:01:29	Name: CLID Value: 84896663815a4506b50d59f29345d81d.20231116.20241115
.pemsrv.com/	1970-01-21 01:51:53	Name: __uvt Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22655648857c9655.199255001957323266%22%3B%7D
.knit.bid/	1970-01-21 01:51:53	Name: _ga_PEWFD7GRGP Value: GS1.1.1700153477.1.0.1700153477.0.0.0
.knit.bid/	1970-01-21 01:51:53	Name: _ga Value: GA1.1.56233579.1700153478
.knit.bid/	1970-01-21 01:01:29	Name: _clck Value: 1deq6l0\|2\|fgr\|0\|1415
go.xlivrdr.com/	1970-01-20 16:17:19	Name: __cflb Value: 02DiuDFRFiBZBvMSLtrs3cR5HVWEzYfypBuvmwHBy1XvC
.jads.co/	1970-01-20 16:20:12	Name: juicy_data Value: YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
.jads.co/	1970-01-21 01:01:29	Name: surferid Value: e163cdfc8cd941ff0cb4e6ca5f8ea806
.jads.co/	1970-01-20 16:17:19	Name: imps8605 Value: 1
.jads.co/	1970-01-20 16:20:12	Name: juicy_data_1 Value: YToxOntpOjg4NDM5OTtpOjE3MDA0MTI2Nzg7fQ%3D%3D
.knit.bid/	1970-01-20 16:17:19	Name: _clsk Value: xmqldl\|1700153478680\|1\|1\|o.clarity.ms/collect
xx.knit.bid/	1970-01-21 01:41:48	Name: _pk_id.1.1e74 Value: 08d389fbe8f234d0.1700153480.
xx.knit.bid/	1970-01-20 16:15:55	Name: _pk_ses.1.1e74 Value: 1
.bing.com/	1970-01-21 01:37:29	Name: MUID Value: 23F52C6B082C6F2D23323FA009FE6ED5
.c.bing.com/	1970-01-20 16:25:58	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:37:29	Name: SRM_B Value: 23F52C6B082C6F2D23323FA009FE6ED5
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:37:29	Name: MUID Value: 23F52C6B082C6F2D23323FA009FE6ED5
.c.clarity.ms/	1970-01-20 16:25:58	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:15:54	Name: ANONCHK Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://xx.knit.bid/ Message: Access to XMLHttpRequest at 'https://s.pemsrv.com/splash.php?native-settings=1&idzone=4642630&cookieconsent=true&&p=https%3A%2F%2Fxx.knit.bid%2F' from origin 'https://xx.knit.bid' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://s.pemsrv.com/splash.php?native-settings=1&idzone=4642630&cookieconsent=true&&p=https%3A%2F%2Fxx.knit.bid%2F Message: Failed to load resource: net::ERR_FAILED
other	error	URL: https://xx.knit.bid/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pemsrv.com
b-hls-02.doppiocdn.net
buttons-config.sharethis.com
c.bing.com
c.clarity.ms
count-server.sharethis.com
creative.mnaspm.com
edge-hls.doppiocdn.net
edge-hls.doppiocdn.org
go.mnaspm.com
go.xlivrdr.com
i.jads.co
img.strpst.com
js.juicyads.com
js.wpnsrv.com
l.sharethis.com
o.clarity.ms
platform-api.sharethis.com
platform-cdn.sharethis.com
poweredby.jads.co
region1.google-analytics.com
s.pemsrv.com
stats.viagle.com
stripchat.com
video.ktkjmp.com
www.clarity.ms
www.googletagmanager.com
xx.knit.bid
poweredby.jads.co
s.pemsrv.com
13.32.27.80
185.94.237.73
2001:4860:4802:32::36
205.185.216.10
2600:9000:2057:7600:c:dd71:23c0:93a1
2600:9000:2156:e400:1d:85c3:6640:93a1
2600:9000:2450:f800:c:2c8:3ac0:93a1
2600:9000:248c:8a00:8:b70:b740:93a1
2600:9000:25e8:e600:c:abe:f440:93a1
2606:4700:3035::ac43:d429
2606:4700:3036::6815:3da4
2606:4700:3110::6812:336a
2606:4700:3110::6812:3eeb
2606:4700:311f::6812:3f7e
2606:4700:311f::6812:3f84
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:80e::2008
2a02:6ea0:c700::18
2a02:6ea0:c700::19
3.120.113.109
42.193.105.3
52.152.143.207
65.9.66.92
68.219.88.97
8.253.95.111
95.211.229.246
00aa377d83f3d66a15bf2a20806c917d278a3487421b37c3768bcf4673975bbb
00abbe0f8a345185a8222edc20b9e97a76bfcbba268f280508e3df79fd685ff9
01496eae9ef08eeef6fc7690a189574e60dc777b7ebd3f7be5cbb87b2fe346b5
03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b
062000299c8472b7297db39153761686b4215b2d37a1341b55f86c8948dde442
0b1f7f6fce1d5535f562a9b7750abc666a9b0a279b614e6e29a25ae7576b72ef
0fae8b03858a764bad3e9af19bfc924ead5b9e25c760432c19e91cba3dff1cf3
142fe2a082dfe43f2eab11533885dba53ecbad12813475b89aa518424bfc062f
168727ae11aab165878f1fba7414a8f5dd7765e629da5b85fe126bb397820aa2
1760286fac70e3b4fef0df171c2e8ee7da9b352a08391a492ad60501896a2eae
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
262246c94851c15d96f64215357156c914d03972c78bad1f04c94a95fd6ce36e
2908526087368bd7de00bc81b5f6406774e2023e3cdbcd99027e80322eb25eae
2efc5c63fa2e3fd027f662856e9b133645b7ba58793ade93cca224847aab5a39
305e8fac701ba76dad56c85151ebe36149d683c8e8d34356d4bb66b9e82a01f9
30b0efa4e89131b193c058f261e64a347b533eb3d599fa44ef7d8b05cb8d2cd8
3490880ab44334af9e221e2c948e80a5e891a7fdb0fca15d863471cd41d92b15
354142e53641e1e72a89609e46eff578e69d762290d65d84acaaf380751c20fa
36476fc178c0f3daa3fc659efb815d8ea8733ea20927052d9f6f9e45d65c0cd7
376d3dd231e31c44e5c53912a00992cdc439219a6d49d37589e5c6fc74ba5c0e
37e830404129794b035a270dd91edd8af05184403fc9e3379354a7bf2e8f4578
3cbe8cd67de67bffe4f98a27d6ae2e2159028b2f4697e761de8f25a6ba6216e8
406ca8a51dfe94477c1b28b0626916a5c551c44706b6699f5a466f7a923bda20
434e44a9c09123bff4287bc19b5993bf32ab2dc9f5fff81bc1b94412e33d452f
4774c4948e403827d5bfb975d44a48e605a979efeb32af56fe468ed2394ce21e
47cbf32b4f3734490b2ed23721a49f9dd33918d65a748f0fe4d2d5d9698fdfb1
47d0f3f01a60c090109b58cc523c0996c17a81843cd5fa33da918a48704ad205
48dcf2a9787523152023808b0bf55a33ccd87031bfb4144f3135dd210eafd5c2
4bde3e294ce46d20645f2be4d737ac84a77ebd479eb5d52ff5e23b00cc330821
571b1ba5f24f952208e2ee54b3817c8efa07a687957c7806b37d244f62b8c42a
579a049f7ef6ad0876ddb083d03e56f381cae33723a04fab43ecec69e9dcf515
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
63cf9fda52eb82dd5f9d18cd15e54af4ee08a7a37c6f0fdd09cc34fbfa598e06
650249d89ae33e6e47586097ab9aa8bb21a9683470cec730d207006cac30c9cb
6ba319dac56d65ec95c5a9fde9e8f0a2e9115b9f537acabf05619fd43f124c47
6d49916f545fc4c71c2e71494bb506864d2e34491ed657540141e9f1b802c208
71870acd3c5fc3a95fd0c510a21e2fa7ad38ef00ca91613fb76f13df486137f3
737beab6bf3b04eafbafdb40b2b07834d75188e28a15d8724572c7d037c72f18
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
78817c74d023c1f24fba184f7ff2ee9fb8c1e709c71fedc15e465814001998e5
7a2280c7626d95a71ad10ee70e3342f48fd6af170440848110c96cb191cab7cd
7cae1f4deec515c9bffe53b0fcdc372eb107abae2ec0ad24aca85b460c7ef195
7caefc937477979372cb63cec3c19fe4baf356464ff42003d8a904e9ade00c1f
8211bd489dded5ff869176191d0d5a72b9b066f276f12b443c7b9e2d08864a9d
8fc58bc2b91060a666e158a5283d6de2b3517378997cc9891f5b3523b36c4e01
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
98bac465e6af9628f726ded12957d035608da68dd83fa41dec9ce501c6280e90
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9ee1a587f804e9be23986e6d5cddb19bd1c635df99a1638cc73eb2c5e8f59cbe
a0480b6f6a36deec92f5a399314346bd87c92aff04accb105d790bf060f29bb8
a0a0337874ce8823c30b1f6cc2e36705b484929121c4c33aef6d9b4ae6d1b03f
a25a2532c59bb25b41fddb8b859ca3e0c0e7aeb47e51c8d0f766b7b46f9f59d9
ac322d43668f6d3a4d376c2832bb6332455f306f7329eea549dbd12ae0756201
afe66bf92838f75ad219c5cc5d9173d4edab55815a4d52262f72ed22cbf52150
b2f9257db3715bdcce47cfffa8b2d95e290d617399a970f280b5664e3d7f61e2
b413a7b9e7f7e4e6b9a3a768e652c2af8ce28c05f1227dd0a919a3135a90e04c
b5c0a71e77e127da8090462b75b686d7911e43521efc6b1e1143b34b702ef2dd
c45272c1b33373d94fb6786698d5145ba0cb558fc7494d91cbbb380b4fc561a8
c5201467c1cef671cc4597377ae3fdb2a870317fb0ac9d09aed5abbab2263142
c75cdc4ff797e03e2dec2e779dbfdc8ad18e3cbd4043aa20c5901bcb489f2f5d
cb48e3a670518d76c2a8ff5c00eae63ecdff94f68c08f04d598d7adc00d88de5
d01e38bcbd576ce9083e0575d19d9036be0de3d41e7d2023b0a0705934d1fe1f
d0e05d58a1280af198a141f850b7c801d57dd387a40305adcb3988cb939e2288
d2d5fca01232e0f201e3ed63481e08423ced62c325310652f4284da97f6589c2
d5a9d7eb994d170e5560b8cfafa08be24b95541b4aba1264d0836aae9b36aa6c
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
dbc03401fe8bad643ee6a242e9714a23b2604f775f60522fc18978ccb857d3f3
dd95f5f4a63fe0989f6af9e14eff95ee1c6e04d2b0c38d6359f28fa174396868
df0ae8713782229cd75ad43052897acbd3137df4281fe85c827901b1a98f1c33
e29f64518ff4aac2abdebd82ee2a9dd9da47bab6b689e4beff327246f7744411
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b89c3d1e2f6eea3c6200ad9235a51edaa52cdb186f7bfea35ba0e1b875dec
e6ff9c46baff417e66eb426faf8f9cbec78810eb6d3875286a18a78f86d50f1e
e70b1f3dfe498e8eb1874da5959e4a4180f1a6d4180d8f3dceb99730ca24c29b
e952116381ea54ff9a0ebbc2c1065f03e43ea012d9e935368909db867e39925b
eb1663beb16f048a23f177c42de28f365e01b0db961b96036f371af2110a9c59
f1c30fb4ba9fa570b5195d637f97ecb5831899921416468d655019b31fbca796
f6428ed26e0fd88d83f7adac8fb716df1040576ff732d23ff6ec6da12a2f9b90
f6c72789b4be7183c5626eed5975d7c22403d4a8ceb73db591128f7fabdbe9c5
fbd1d3903c609d128e5aa86e82890426f2478b25862eef99406a8b6952e2a8de
fe4220781e985a731ca8137dff96c862b019b7cc017dd855fdf9e1411781f75f
ff7a6a0be139b984e80db980721590ce63b1d0c79b944744e504bec2dc231cb9

xx.knit.bid Open in urlscan Pro 2606:4700:3035::ac43:d429 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

94 %HTTPS

63 %IPv6

18 Domains

28 Subdomains

26 IPs

5 Countries

6962 kBTransfer

8185 kBSize

21 Cookies

2 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xx.knit.bid Open in urlscan Pro
2606:4700:3035::ac43:d429 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

94 %
HTTPS

63 %
IPv6

18
Domains

28
Subdomains

26
IPs

5
Countries

6962 kB
Transfer

8185 kB
Size

21
Cookies

102 HTTP transactions
0 data transactions